Re: benötigte Ports für FE-BE-Kommunikation durch eine Firewall

From: Norbert Fehlauer [MVP] (n.fehlauer_at_gmx.net)
Date: 03/12/04

• Next message: Norbert Fehlauer [MVP]: "Re: DynDNS Konfiguration"
• Previous message: Norbert Fehlauer [MVP]: "Re: Exchange 2000 unter Server 2003"
• In reply to: Klaus Hess: "benötigte Ports für FE-BE-Kommunikation durch eine Firewall"
• Messages sorted by: [ date ] [ thread ]

Date: Fri, 12 Mar 2004 17:17:14 +0100

Klaus Hess wrote:
Hi Klaus,

> ich habe bei meinem Exchange 2k das Problem, dass die
> Kommunikation des Front-Ends und des Back-Ends durch eine
> Firewall hindurch gehen muss. Ich möchte gerne wissen,
> welche Ports ich genau freischalten muss, damit die
> Kommunikation nicht behindert wird. Ich habe schon einige
> Dokus dazu gelesen, doch in jede weicht immer ein wenig
> von der anderen ab. Hat vielleicht irgendjemand schon
> eine solche Infrastruktur und kann mir sagen, welche
> Ports ich genau brauche, speziell oberhalb des Ports
> 1024? Wenn ich den gesamten Bereich aufmache,
> funktioniert OWA einwandfrei, doch sobald ich diese Lücke
> schließe, starten schon die Dienste nicht mehr.

http://support.microsoft.com/default.aspx?scid=kb;en-us;280132&Product=exch2k

One port for the Active Directory logon and directory replication interface
(universally unique identifiers [UUIDs] 12345678-1234-abcd-ef00-01234567cffb
and e3514235-4b06-11d1-ab04-00c04fc2dcd2). This is typically assigned port
1025 or 1026 during startup. This value is not set in the DSProxy or System
attendant (MAD) source code. Therefore, you must map the port in the
registry on any domain controllers that the Exchange 2000 computer must
contact through the firewall to process logons, and then open the port on
the firewall.

To map the port in the registry:

  1.. Start Registry Editor (Regedt32.exe).
  2.. Locate the following key in the registry:
  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters

  3.. On the Edit menu, click Add Value, and then add the following registry
value:
  Value Name: TCP/IP Port
  Data Type: REG_DWORD
  Radix: Decimal
  Value: greater than 1024

  4.. Quit Registry Editor.

HTH

Norbert

• Next message: Norbert Fehlauer [MVP]: "Re: DynDNS Konfiguration"
• Previous message: Norbert Fehlauer [MVP]: "Re: Exchange 2000 unter Server 2003"
• In reply to: Klaus Hess: "benötigte Ports für FE-BE-Kommunikation durch eine Firewall"
• Messages sorted by: [ date ] [ thread ]

Relevant Pages Kerio 2.1.5 - Unable to Attach TCP Message ... Windows 2000 SP4 with Kerio firewall 2.1.5. ... either Windows Worms Cleaner or by editing the registry, ... closing the port, then reinstalling Kerio, but that didn't fool it. ... (comp.security.firewalls) RE: scan of domain logon reveals unknown port ... It explains what ports must be open in order for a member server to ... In this scenario it is giving the ports thru a firewall, ... Port 1026 is used for AD logon and directory replication. ... To map the port in the registry: ... (Focus-Microsoft) Re: rmi, two binding methods, what differences? ... Registry registry = LocateRegistry.getRegistry; ... It seems A has to use a port, which may need a special setting over ... firewall; for B, what's the port number? ... It shouldn't be because it is reserved by IANA for the RMI Registry. ... (comp.lang.java.programmer) Re: rmi, two binding methods, what differences? ... Registry registry = LocateRegistry.getRegistry; ... It seems A has to use a port, which may need a special setting over ... firewall; for B, what's the port number? ... So if it's in use it *should* mean that the RMI Registry is already running. ... (comp.lang.java.programmer) Re: Serial Port Application ... Can the registry be viewed from a Windows CE image? ... drivers which are actually active. ... >> Although the serial com port I use is defined under. ... I have created a new serial test program ... (microsoft.public.windowsce.app.development)

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint