|
Home > Archive > microsoft.public.exchange2000.admin > October 2002 > IP filter on Exchange 2000 ports
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
IP filter on Exchange 2000 ports
|
|
|
| I'd like to set an IP filter on the Exchange server to only receive those
ports necessary. Would that be 25, 80, and 443? All clients would either
be Outlook Exchange Server or OWA. Any other ports?
| |
| Ronen Gabbay 2002-10-05, 8:15 pm |
| You can not set this packet filter to Exchange , you can set it on the
firewall only
Exchange server uses the default ports for the internet protocols
POP 110 SSL 993
IMAP 143 SSL 995
SMTP 25 SSL 25
NNTP 119 SSL 563
RPC for MAPI this is dynamic protocol the session begin at port 135
and redirected to a higher port usually between 1024 - 5000
Link state 691 between all server in the routing group
If you are using any other service then the default port for that protocol
is used.
By running netstat command you can see all sessions to and from the server.
For the local LAN exchange uses more services like Kerberos, DNS
,LDAP,etc....
don't filter those on the Exchange server.
--
Please do not send email directly to this alias.
This posting is provided "AS IS" with no warranties, and confers no rights
Ronen Gabbay MCT MCSE+I MCDBA
Hi-Tech College
ISRAEL
"Randy" <sec_edh@hotmail.com> wrote in message
news:u$FZQ8TTCHA.3764@tkmsftngp08...
> I'd like to set an IP filter on the Exchange server to only receive those
> ports necessary. Would that be 25, 80, and 443? All clients would either
> be Outlook Exchange Server or OWA. Any other ports?
>
>
>
>
| |
|
| Thank you.
"Ronen Gabbay" <ronen@hi-tech.co.il> wrote in message
news:u$gHmXUTCHA.4120@tkmsftngp12...
> You can not set this packet filter to Exchange , you can set it on the
> firewall only
>
> Exchange server uses the default ports for the internet protocols
>
> POP 110 SSL 993
> IMAP 143 SSL 995
> SMTP 25 SSL 25
> NNTP 119 SSL 563
>
> RPC for MAPI this is dynamic protocol the session begin at port 135
> and redirected to a higher port usually between 1024 - 5000
>
> Link state 691 between all server in the routing group
>
> If you are using any other service then the default port for that protocol
> is used.
>
> By running netstat command you can see all sessions to and from the
server.
>
> For the local LAN exchange uses more services like Kerberos, DNS
> ,LDAP,etc....
> don't filter those on the Exchange server.
> --
> Please do not send email directly to this alias.
>
> This posting is provided "AS IS" with no warranties, and confers no rights
>
> Ronen Gabbay MCT MCSE+I MCDBA
> Hi-Tech College
> ISRAEL
> "Randy" <sec_edh@hotmail.com> wrote in message
> news:u$FZQ8TTCHA.3764@tkmsftngp08...
> > I'd like to set an IP filter on the Exchange server to only receive
those
> > ports necessary. Would that be 25, 80, and 443? All clients would
either
> > be Outlook Exchange Server or OWA. Any other ports?
> >
> >
> >
> >
>
>
| |
| Ed Woodrick 2002-10-05, 8:15 pm |
| Don't forget that an Exchange Server is also a member server.
"Randy" <sec_edh@hotmail.com> wrote in message
news:u$FZQ8TTCHA.3764@tkmsftngp08...
> I'd like to set an IP filter on the Exchange server to only receive those
> ports necessary. Would that be 25, 80, and 443? All clients would either
> be Outlook Exchange Server or OWA. Any other ports?
>
>
>
>
|
|
|
|
|