I have a setup consisting of multiple Exchange servers behind a PIX firewall.
I am trying to temporarily configure my Exchange server to be accessible from Outlook clients
on the internet. I am having some difficulty in doing this. On the recommendations of Cisco I
have opened TCP ports 135 and 139 and UDP ports 137 and 138. The PIX log shows denial at
ports over 1024. I have tried using the established command to allow the rerouting of ports done
by the Exchange server, but this does not seem to work. Microsoft reccomends setting the Exchange
ports statically. Im a little hesitant in doing this.

Has anyone gotten this to work successfully and if so, what is that I am missing in my
configuration. Any help is apprecciated.

Thanks
George

I have gotten this to work, but I had to edit the registry to include two ports for the IS and DS. Any number will work, use something in the 40000 range.


------------
George Hinkel at 8/27/99 2:14:45 PM

I have a setup consisting of multiple Exchange servers behind a PIX firewall.
I am trying to temporarily configure my Exchange server to be accessible from Outlook clients
on the internet. I am having some difficulty in doing this. On the recommendations of Cisco I
have opened TCP ports 135 and 139 and UDP ports 137 and 138. The PIX log shows denial at
ports over 1024. I have tried using the established command to allow the rerouting of ports done
by the Exchange server, but this does not seem to work. Microsoft reccomends setting the Exchange
ports statically. Im a little hesitant in doing this.

Has anyone gotten this to work successfully and if so, what is that I am missing in my
configuration. Any help is apprecciated.

Thanks
George

There are 2 good KB articles on how to set this up (Q152725 + Q161489), make sure that the client checks encrypt communication with the exchange server, or anyone can read the mail going by.

g


------------
Jim Leigh at 8/31/99 2:54:32 PM

I have gotten this to work, but I had to edit the registry to include two ports for the IS and DS. Any number will work, use something in the 40000 range.


------------
George Hinkel at 8/27/99 2:14:45 PM

I have a setup consisting of multiple Exchange servers behind a PIX firewall.
I am trying to temporarily configure my Exchange server to be accessible from Outlook clients
on the internet. I am having some difficulty in doing this. On the recommendations of Cisco I
have opened TCP ports 135 and 139 and UDP ports 137 and 138. The PIX log shows denial at
ports over 1024. I have tried using the established command to allow the rerouting of ports done
by the Exchange server, but this does not seem to work. Microsoft reccomends setting the Exchange
ports statically. Im a little hesitant in doing this.

Has anyone gotten this to work successfully and if so, what is that I am missing in my
configuration. Any help is apprecciated.

Thanks
George