Ports to be opened for Excahange 2003 Reverse Proxy
Hi
We are using 2 Exchange 2003 BE & 2 FE servers. All placed in internal network. Now we have a reverse proxy appliance placed in DMZ zone. All the features like Webmail, Active Sync and Rpc Over Https are working fine only when we open all ports
in internal Firewall from the appliance to FE server. From the appliance we configured to communicate to FE server through port 443. We searched all over internet and didn't find any relevant docs. We expect your help to troubleshoot the issue
Thanks in advance
LMS
June 2nd, 2011 5:29pm
Here is a good article http://www.isaserver.org/articles/2004perimeterdomain.html
Free Windows Admin Tool Kit Click here and download it now
June 2nd, 2011 5:41pm
443 for sure and 80 to the CAS if you plan on doing HTTP to HTTPS redirect.
You will also need to open up ports to the DC for authentication.
LDAP ports: 389, 636 (TCP)
Global catalog ports: 3268, 3269 (TCP)
RPC services: 1025-5000 (TCP)
RPC portmapper listener: 135 (TCP)
Kerberos exchanges: 88 (TCP, UDP)
James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
June 2nd, 2011 5:48pm
443 and 80 to the CAS if you plan on doing HTTP to HTTPS redirect. Also you will likely need to open ports from your reverse proxy to a DC for authentication.
Configuring Active Directory authentication
http://technet.microsoft.com/en-us/library/dd857231.aspx
LDAP ports: 389, 636 (TCP)
Global catalog ports: 3268, 3269 (TCP)
RPC services: 1025-5000 (TCP)
RPC portmapper listener: 135 (TCP)
Kerberos exchanges: 88 (TCP, UDP)James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
June 2nd, 2011 5:50pm
HI
Thank You all for helpful relies. Remember that we are not using ISA as reverse proxy, we are using Blue Coat appliance. We will open the above mentioned ports and will update soon
Regards
LMS
June 2nd, 2011 7:02pm
How is thing going on? If there is any progress or question, please feel free to post it here.
Thanks.
NovakPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 6th, 2011 4:41am
Hi
We opened the ports 80, 443, 6001,6002 & 6004 to FE servers from BC appliance and thus resolved all issues.
Thanks all for the help
LMS
June 6th, 2011 9:40am