XADM: Setting TCP/IP Port Numbers for Internet Firewalls

• Microsoft Exchange Server, versions 4.0 and 5.0

SUMMARY

This article explains how to configure the Microsoft Exchange Information Store, Directory, and System Attendant Services to use predefined TCP/IP port numbers. This is useful when configuring Internet firewalls or routers.

MORE INFORMATION

Some Internet firewalls may not accept TCP/IP port numbers that Microsoft Exchange Server uses for Remote Procedure Call (RPC) communication. To solve this problem, add port 135 to your firewall and configure Microsoft Exchange Server to use the ports that your firewall will allow. The computer must be restarted for these changes to take effect.

To configure the RPC Port for the Microsoft Exchange Directory Service:

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall Windows NT. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

1. Start Registry Editor (Regedt32.exe).

2. Under the HKEY_LOCAL_MACHINE subtree, go to the following subkey:

         SYSTEM\CurrentControlSet\Services\MSExchangeDS\Parameters
   

3. Add the following registry value

         TCP/IP port
   

   as DWORD value, specifying the port to be used. The RADIX should be set to decimal when entering the value.

4. Quit Registry Editor.

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall Windows NT. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

1. Start Registry Editor (Regedt32.exe).

2. Under the HKEY_LOCAL_MACHINE subtree, go to the following subkey:

         SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
   

3. Add the following registry value

         TCP/IP port
   

   as DWORD value, specifying the port to be used. The RADIX should be set to decimal when entering the value.

4. Quit Registry Editor.

In order to Administer an Exchange Server across a firewall, the Microsoft Exchange System Attendant should be configured to use a specific RPC port as well.

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall Windows NT. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

1. Start Registry Editor (Regedt32.exe).

2. Under the HKEY_LOCAL_MACHINE subtree, go to the following subkey:

         SYSTEM\CurrentControlSet\Services\MSExchangeSA\Parameters
   

3. Add the following registry value

         TCP/IP port
   

   as DWORD value, specifying the port to be used. The RADIX should be set to decimal when entering the value.

4. Quit Registry Editor.

Note: This ONLY has to be changed on the computer running Microsoft Exchange Server. Clients always connect to port 135, the RPC endpoint mapper, and then ask what ports they should use for the Directory and Information Store Services.

WARNING: DO NOT assign ports immediately above the 1023 range. For more information about the ramifications and guidelines for static port assignment of Exchange services, please see the following article in the Microsoft Knowledge Base:

   ARTICLE-ID: Q180795
   TITLE: XADM: Intrasite Directory Replication Fails with Error 1720