Firewall Ports Keep Changing for Exchange

Firewall Ports Keep Changing for Exchange
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Firewall Ports Keep Changing for Exchange Lynnette 08-04-2005
Posted by =?Utf-8?B?THlubmV0dGU=?= on August 4, 2005, 5:33 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello -

We have an Exchange 2003 Server running on a GSX Virtual Server. Each night
the virtual server is stopped for backup and restarted. When the users come
in each morning, their Outlook desktop client is found to be blocked by the
firewall on the Exchange Server. It seems we're having to open a different
1400 port each time and afterwards their Outlook desktop clients can connect.
We're using Windows Server 2003's firewall. The store.exe seems to be the
process that is using the 1400 ports. It is a privileged application on the
firewall. Any ideas as to how the firewall/client might be reconfigured so
the needed ports are opened and we do not have to open new ports all the
time? Can store.exe, or the Outlook desktop client, be forced to use a
specified port?

Thanks,
Lynnette

Posted by Karl Levinson, mvp on August 4, 2005, 7:21 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
There is a KB article at www.microsoft.com/support on how to configure
Exchange to use static RPC ports so it can go through firewalls. It
involves editing a registry value. With RPC, applications usually make an
initial connection to the port mapper port, in this case TCP 135, in order
to find out what other port or ports are listening for that application.
See below:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;270836
www.google.com/search?q=site%3Amicrosoft.com+static+port+exchange+registry+f
irewall



> Hello -
>
> We have an Exchange 2003 Server running on a GSX Virtual Server. Each
night
> the virtual server is stopped for backup and restarted. When the users
come
> in each morning, their Outlook desktop client is found to be blocked by
the
> firewall on the Exchange Server. It seems we're having to open a
different
> 1400 port each time and afterwards their Outlook desktop clients can
connect.
> We're using Windows Server 2003's firewall. The store.exe seems to be
the
> process that is using the 1400 ports. It is a privileged application on
the
> firewall. Any ideas as to how the firewall/client might be reconfigured
so
> the needed ports are opened and we do not have to open new ports all the
> time? Can store.exe, or the Outlook desktop client, be forced to use a
> specified port?
>
> Thanks,
> Lynnette



Posted by =?Utf-8?B?UGF1bA==?= on August 4, 2005, 8:21 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
You pretty much should only have to do this:
http://support.microsoft.com/kb/298369/

"Lynnette" wrote:

> Hello -
>
> We have an Exchange 2003 Server running on a GSX Virtual Server. Each night
> the virtual server is stopped for backup and restarted. When the users come
> in each morning, their Outlook desktop client is found to be blocked by the
> firewall on the Exchange Server. It seems we're having to open a different
> 1400 port each time and afterwards their Outlook desktop clients can connect.
> We're using Windows Server 2003's firewall. The store.exe seems to be the
> process that is using the 1400 ports. It is a privileged application on the
> firewall. Any ideas as to how the firewall/client might be reconfigured so
> the needed ports are opened and we do not have to open new ports all the
> time? Can store.exe, or the Outlook desktop client, be forced to use a
> specified port?
>
> Thanks,
> Lynnette

Posted by Lanwench [MVP - Exchange] on August 7, 2005, 11:11 am
If you were  Registered and logged in, you could reply and use other advanced thread options


> Hello -
>
> We have an Exchange 2003 Server running on a GSX Virtual Server.
> Each night the virtual server is stopped for backup and restarted.
> When the users come in each morning, their Outlook desktop client is
> found to be blocked by the firewall on the Exchange Server. It seems
> we're having to open a different 1400 port each time and afterwards
> their Outlook desktop clients can connect. We're using Windows Server
> 2003's firewall. The store.exe seems to be the process that is using
> the 1400 ports. It is a privileged application on the firewall. Any
> ideas as to how the firewall/client might be reconfigured so the
> needed ports are opened and we do not have to open new ports all the
> time? Can store.exe, or the Outlook desktop client, be forced to use
> a specified port?
>
> Thanks,
> Lynnette

OT, but you should be doing online backups of Exchange, which do not require
stopping services or dismounting stores. Also, I don't know that I'd want to
run my production Exchange server in a virtual server, but that's just
me....what is it that makes you need to restart the virtual server anyway?



Similar ThreadsPosted
changing rule settings in windows firewall January 6, 2007, 1:27 am
Blocking all not necessary ports for servers on Firewall February 19, 2007, 9:27 am
Windows 2003 firewall - limiting the range of dynamic RPC ports February 17, 2006, 4:04 am
best exchange secured option January 11, 2006, 9:24 am
exchange best secured option January 11, 2006, 9:26 am
antigen 9.0 for exchange server June 24, 2007, 9:54 am
Changing password July 19, 2005, 3:56 pm
Changing lockout in XP Pro SP 2 January 9, 2007, 9:05 pm
Security issue with MS Exchange moving November 28, 2005, 5:08 pm
Live Foreign Exchange Dot Com is FOR SALE April 15, 2006, 7:09 pm

The site map in XML format XML site map

Contact Us | Privacy Policy