Re: Outlook access through a firewall

---

• From: "Mark Arnold [MVP]" <mark@xxxxxxxx>
• Date: Thu, 28 Jul 2005 17:28:16 +0100

---

On 28 Jul 2005 09:04:31 -0700, "Mierdaan" <goeman@xxxxxxxxx> wrote:

>Greetings,
>
>We're currently trying to get Outlook working through a firewall, and
>connected to Exchange 2000. I've read from multiple sources that this
>requires locking down the high-numbered ports that the RPC Endpoint
>Mapper hands out (via a registry edit), then opening up TCP port 135
>and the high-numbered ports in the firewall.

just stop, please stop.
So many providers ban 135-139 through their networks as to make it
pretty unreliable.

>
>We've done this, and for some reason it seems to not be working. We
>set up an access rule and a translation rule in our PIX, identical to
>the one that allows HTTP traffic to the Exchange server for OWA (except
>for port 135 instead of 80). However, when telnetting to the outside
>address specified in the translation rule on port 135, we get no
>answer; the connection isn't refused, it just hangs while trying to
>make the connection. Doing the same thing from inside the network
>yields a familiar input prompt, indicating that the service is indeed
>listening.
>
>Since the access list and translation rule we set up are identical to
>the (working) one allowing HTTP traffic through, we think that this
>isn't a firewall issue. Is there any setting in Exchange that would
>deny connections on port 135 to things, say, outside of the subnet? I
>know you can configure access restrictions on the built-in
>HTTP,IMAP,POP3 servers, but I find no similar setting that would
>explain what we're seeing.
>
>Any advice appreciated.

Stick with OWA for now. Go with Exchange 2003 as soon as timescales &
funding permits, then use RPC over HTTPS. This needs only Port 443
open, the same as for OWA.
.

---

• References:
  • Outlook access through a firewall
    • From: Mierdaan

• Prev by Date: OWA 5.5 w/only Exch 2000,2003 servers in site
• Next by Date: Re: E-mails directly to Archive?
• Previous by thread: Outlook access through a firewall
• Next by thread: OWA puts additional character into each message
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: AS4.2/WM5/OUTLOOK2K3 suddenly not syncing, please help ... there is a connection EXIST between the device because I ... connection on port 26675 but on the PPC the port number keeps ... Outlook, countless times of reinstalling Activesync, removing Windows ... Firewall set to NO). ... (microsoft.public.pocketpc.activesync) RE: Exchange 2003 ... This behavior seems plausible if there's a stateful firewall in the ... the case, then clearly, you won't get anything back from an nbtstat, ... does it allow it after there's a connection?". ... without exchange 2003 on it. ... (Pen-Test) Re: Store and forward server ... address space but not the port. ... > But why not have Exchange pick up the mail from the head office (pull vs. ... > only an intermittent connection to a service provider. ... The roles of client and server then reverse, ... (microsoft.public.exchange.connectivity) Re: 45 days STUCK LIKE CHUCK. DNS / Mx record cant recieve emails ... you've pretty much ruled out Exchange configuration. ... Exchange not listening on the Internet NIC. ... You can test the connection from within the LAN, ... I'm thinking that leaves the NAT device blocking port 25. ... (microsoft.public.windows.server.sbs) RE: FTP Window of opportunity? ... target on the line when in reality it was just a firewall lying to them. ... The connection connects and then immediately ... Subject: FTP Window of opportunity? ... the FTP port shows up. ... (Pen-Test)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)