Deploying Exchange 2003

  • From: Alejandro Contreras <acontreras@xxxxxx>
  • To: "'exchangelist@xxxxxxxxxxxxx'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Tue, 30 Dec 2003 12:18:40 -0500

Hi Al

We used the host file so that we didn't have to poke additional holes on our
firewalls for DNS resolution.

And yup, port 80 is also necessary from ironmail to OWA.

Hope that helps,

Cheers,

Alex.

-----Original Message-----
From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx]
Sent: Tuesday, December 30, 2003 10:25 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Deploying Exchange 2003


http://www.MSExchange.org/

Thanks Alex.  That's helpful.

Still curious: any reason to use the hosts file vs. DNS at this point?  I'm
thinking you also opening TCP 80 to the BE server, right? 

-----Original Message-----
From: Alejandro Contreras [mailto:acontreras@xxxxxx] 
Sent: Tuesday, December 30, 2003 10:17 AM
To: [ExchangeList]
Subject: [exchangelist] Deploying Exchange 2003

http://www.MSExchange.org/

Hi Al,
I agree with what you've mentioned below. The only reason we added the
additional OWA zone was in order allow our IDS people to monitor all traffic
between the appliance and OWA, and OWA and the Domain controllers inside. We
actually left all ports open between the OWA zone and the trusted network at
first, and then locked it tight so only the authentication and communication
ports where open.

Application Server       To KDC  Return traffic 
Initial ticket request   88/udp  xxxx/udp       
Kerberos 5-to-4 ticket conversion        4444/udp        xxxx/udp       
LDAP     389/tcp         xxxx/tcp               
Used a host file entry on OWA for DCs.          
I think I got all of them.
Cheers,
Alex.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------


Other related posts: