Me? I would configure a VPN tunnel from Firewall to Firewall ..let them talk...no port worries...
bill -----Original Message----- From: Nizar El-Assaad [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 18, 2003 4:29 AM To: Exchange Discussions Subject: Exchange Server and Firewalls Hello I have a Windows NT 4 domain with two Exchange Servers 5.5. The two servers are located in two different geographical sites, and connect through a Site Connector. The Exchange servers are also domain controllers. I am configuring the firewall between the two sites (they connect through the internet). I came across a lot of articles in MS Knowledge Base. In one article (154596 - Configure RPC Dynamic Port Allocation to Work with Firewall), it states that I can set a range of TCP ports over 1024 (preferably over 5000) for dynamic ports needed for RPC communication (in addition to port 135). In other articles related to Exchange server (notably the following: 176466 - TCP Ports and Microsoft Exchange: In-depth Discussion; 155831 - Setting TCP/IP ports for Exchange and Outlook Client Connections Through a Firewall; 161931 - Configuring MTA TCP/IP Port # for X.400 and RPC Listens; 148732 - Setting TCP/IP Port Numbers for Internet Firewalls), they tell you how to allocate static ports to the various Exchange services. Now the question is: If I set a range of TCP ports (say from 5000 to 5020) as stated in article 154596, and make these ports available on the firewall, will it be sufficient as all the Exchange services use RPC communication or do I still need to allocate static ports for these services? In the latter case, should these ports fall in the range that I allowed in Windows NT RPC communication or should they be outside this range? In other words, will Exchange use ports in this range or is this range restricted for Windows NT Services (DHCP, WINS, NetBIOS sessions, etc.)? Thank you for your help. Best Regards Nizar El-Assaad _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]