XADM: Setting TCP/IP Ports for Exchange and Outlook Client Connections Through a Firewall

ID: Q155831

The information in this article applies to:
  • Microsoft Exchange Server, versions 5.5, 4.0, 5.0
IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about how to do this, view the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

SUMMARY

This article tells you how to allow the Microsoft Exchange Client to connect to Microsoft Exchange Server over an existing connection to the Internet and through a firewall. In order to do this, make the ports assigned to these connections static. This requires you to add entries to the registry.

For additional information about configuring Exchange Server services for Internet firewalls, please click the article number below to view the article in the Microsoft Knowledge Base:

Q148732 XADM: Setting TCP/IP Port Numbers for Internet Firewalls


MORE INFORMATION

You must restart the computer for these changes to take effect.

To make the ports static:

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

  1. Start Registry Editor (Regedt32.exe).


  2. Under the HKEY_LOCAL_MACHINE subtree, go to the following subkey:


    3. System\CurrentControlSet\Services\MSExchangeDS\Parameters
  3. Add the following entry for the Microsoft Exchange Directory service:
    TCP/IP port REG_DWORD
    DATA: port number to assign
    NOTE: DO NOT assign ports immediately above the 1023 range. For additional information about the ramifications and guidelines for static port assignment of Exchange Server services, please click the article number below to view the article in the Microsoft Knowledge Base:
    Q180795 XADM: Intrasite Directory Replication Fails Error 1720
    EXAMPLE: "TCP/IP Port"=dword:000004C9(1225)

    The decimal number 1225 was used for the DS, which is 4C9 in hexadecimal.


  4. Go to the following subkey:


    5. System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
  5. Add the following entry for the Information Store:
    TCP/IP port REG_DWORD
    DATA: port number to assign
    NOTE: DO NOT assign ports immediately above the 1023 range. For additional information about the ramifications and guidelines for static port assignment of Exchange Server services, please click the article number below to view the article in the Microsoft Knowledge Base:
    Q180795 XADM: Intrasite Directory Replication Fails Error 1720
    EXAMPLE: "TCP/IP Port"=dword:000004CA(1226)

    The decimal number 1226 was used for the IS, 4CA in hexadecimal format.


  6. Quit Registry Editor.


After this, you need to configure the packet filter (or firewall) to allow TCP connections to be made to these ports as well as to port 135.

Further Explanation

A packet filter (or firewall) denies connection attempts made to any port for which you have not explicitly allowed connections. Microsoft Exchange Server does use a well-known static port (port 135) to listen for client connects to the RPC Endpoint Mapper Service. However, after the client connects to this socket, Microsoft Exchange Server then re-assigns the client two random ports to use when communicating with the directory and the information store. This makes it impossible to allow these through the firewall without forcing them to be statically assigned.

References

For additional information, please refer to the Readme.wri file on the Microsoft Exchange Server compact disc.

Additional query words:

Keywords : XCLN exc4 exc5 exc55
Version : winnt:4.0,5.0,5.5
Platform : winnt
Issue type : kbhowto


Last Reviewed: August 31, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.