RE: Firewall Ports for OWA 2000

  • From: "Mulnick, Al" <Al.Mulnick@xxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Mon, 10 Jan 2005 10:29:32 -0500

Depends on your configuration.  Is the fe server in the DMZ or on the
internal network?  

Typically, if you deploy OWA, you want to get to it via SSL (TCP 443) from
the internet.  From there, you then have to allow the FE server to talk to
the AD which infers internal DNS as well because the FE server must be a
member of the forest that Exchange is in.  If your firewall is between the
FE server and the AD/Exchange servers, you'll need to allow more traffic in
other words.

If FE already has the full amount of connectivity it should have, then you
should only need to allow tcp 80 or tcp 443 to make it work.  If it's not,
you may additionally want to check the deny logs on the fireall device to
see what it's trying to do that it can't.  Could be the verbs, or it could
be access (although if they get that far, it's more likely the verbs not
being allowed on that particular firewall device.)

For a list of ports: http://support.microsoft.com/kb/280132 might be useful.

Al

-----Original Message-----
From: Knutsen, Vicki [mailto:vickik@xxxxxxxxxxx] 
Sent: Monday, January 10, 2005 10:17 AM
To: [ExchangeList]
Subject: [exchangelist] Firewall Ports for OWA 2000

http://www.MSExchange.org/

Hey list -
I am looking on the Microsoft site for this info too as I know it has to be
somewhere - but I know sometimes asking this list is faster than searching
so pardon a question that I should already know the answer for.

Our firewall died over the weekend and we opened port 80 for the OWA
(Exchange 2000) but the forward and reply buttons seem to do nothing when I
access my email - what are the other ports on a firewall that need to be
opened or is this a different issue?
 

Vicki Knutsen
Information Systems Administrator
Northwest District LCMS - www.nowlcms.org
1-888-693-5267 ext 129 

Prov 16:9 
9       In his heart a man plans his course, but the LORD determines his
steps. (NIV) 


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
al.mulnick@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx


Other related posts: