Well the Exchange box would need access to port 389 pointing to the domain controller.This one I know for sure. Thanks Shannon ----------------------------------------- Original Message: From: Jared Johnson <jaredsjazz@xxxxxxxxx> To: [ExchangeList] <exchangelist@xxxxxxxxxxxxx> Sent: Fri Feb 06 14:38:13 CST 2004 Subject: [exchangelist] Exchange 2000 in a DMZ? Active Directory ports? http://www.MSExchange.org/ Hi All I've heard from various sources that they recommend that Exchange 2000 be kept in a DMZ. However, I thought that doing so we would have to open up too many ports for Active Directory. What are your opinions for putting Exchange in a DMZ? Also, does anyone know which ports Exchange needs open to replicate with Active Directory? All opinions are most welcome. Mark, are you out there? :) Thank you, Jared __________________________________ Do you Yahoo!? Yahoo! Finance: Get your refund fast by filing online. http://taxes.yahoo.com/filing.html ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------