Those UDP packets were new mail notifications bound for the clients. See the FAQ.
----- Original Message ----- From: "John Matteson" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Wednesday, December 19, 2001 3:30 PM Subject: Interesting UDP port problem - Resolved > Good afternoon to you all: > > We just went through a very interesting evolution regarding our > Exchange server (NT4.0 SP6, Exchange 5.5 latest SP and patches). Our > firewall admin was seeing UDP packets, bound for various port numbers, > attempting to depart for the Internet. These packets were dropped, but > logged. These various IP addresses were mostly AT&T dial-up accounts, or > cable modem accounts coming in through our VPN service to the Exchange box. > > It seems that the Outlook client connects via both the native IP > address on the client end, as well as the IP address assigned by the VPN. > UDP packets bound for the VPN addresses are processed normally by the > client. Exchange also generates UDP packets with the destination IP of the > client's native IP address. These are the packets that the admin was seeing > self-destructing on the firewall. > > This seems to be SOP for Exchange. I don't know how useful this > information is, but it is interesting. > > Have fun you all. > > John Matteson; Exchange Manager > Geac Corporate Infrastructure Systems and Standards > (404) 239 - 2981 > > With sufficient thrust, pigs fly just fine. - RFC 1925 > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]