Exchange 2010 setup opens a number of ports required for client server communication depending upon the server roles that gets installed. The setup does this by creating firewall rules and they are visible when you fire up “Windows Firewall with Advanced Security” snap-in.
The below table (from Technet) lists all the ports opened by exchange 2010. As I was going through the list, the one that caught my attention was the port used for log shipping in a DAG, which is 64327!
One thing to note is that you can’t modify firewall rules created by the Exchange 2010 setup. You can create custom rules based on them & then disable or delete them.
| Rule name | Server roles | Port | Program |
| MSExchangeADTopology - RPC (TCP-In) | Client Access, Hub Transport, Mailbox, Unified Messaging | Dynamic RPC | Bin\MSExchangeADTopologyService.exe |
| MSExchangeMonitoring - RPC (TCP-In) | Client Access, Hub Transport, Edge Transport, Unified Messaging | Dynamic RPC | Bin\Microsoft.Exchange.Management.Monitoring.exe |
| MSExchangeServiceHost - RPC (TCP-In) | All roles | Dynamic RPC | Bin\Microsoft.Exchange.ServiceHost.exe |
| MSExchangeServiceHost - RPCEPMap (TCP-In) | All roles | RPC-EPMap | Bin\Microsoft.Exchange.Service.Host |
| MSExchangeRPCEPMap (GFW) (TCP-In) | All roles | RPC-EPMap | Any |
| MSExchangeRPC (GFW) (TCP-In) | Client Access, Hub Transport, Mailbox, Unified Messaging | Dynamic RPC | Any |
| MSExchange - IMAP4 (GFW) (TCP-In) | Client Access | 143, 993 (TCP) | All |
| MSExchangeIMAP4 (TCP-In) | Client Access | 143, 993 (TCP) | ClientAccess\PopImap\Microsoft.Exchange.Imap4Service.exe |
| MSExchange - POP3 (FGW) (TCP-In) | Client Access | 110, 995 (TCP) | All |
| MSExchange - POP3 (TCP-In) | Client Access | 110, 995 (TCP) | ClientAccess\PopImap\Microsoft.Exchange.Pop3Service.exe |
| MSExchange - OWA (GFW) (TCP-In) | Client Access | 5075, 5076, 5077 (TCP) | All |
| MSExchangeOWAAppPool (TCP-In) | Client Access | 5075, 5076, 5077 (TCP) | Inetsrv\w3wp.exe |
| MSExchangeAB-RPC (TCP-In) | Client Access | Dynamic RPC | Bin\Microsoft.Exchange.AddressBook.Service.exe |
| MSExchangeAB-RPCEPMap (TCP-In) | Client Access | RPC-EPMap | Bin\Microsoft.Exchange.AddressBook.Service.exe |
| MSExchangeAB-RpcHttp (TCP-In) | Client Access | 6002, 6004 (TCP) | Bin\Microsoft.Exchange.AddressBook.Service.exe |
| RpcHttpLBS (TCP-In) | Client Access | Dynamic RPC | System32\Svchost.exe |
| MSExchangeRPC - RPC (TCP-In) | Client Access, Mailbox | Dynamic RPC | Bing\Microsoft.Exchange.RpcClientAccess.Service.exe |
| MSExchangeRPC - PRCEPMap (TCP-In) | Client Access, Mailbox | RPC-EPMap | Bing\Microsoft.Exchange.RpcClientAccess.Service.exe |
| MSExchangeRPC (TCP-In) | Client Access, Mailbox | 6001 (TCP) | Bing\Microsoft.Exchange.RpcClientAccess.Service.exe |
| MSExchangeMailboxReplication (GFW) (TCP-In) | Client Access | 808 (TCP) | Any |
| MSExchangeMailboxReplication (TCP-In) | Client Access | 808 (TCP) | Bin\MSExchangeMailboxReplication.exe |
| MSExchangeIS - RPC (TCP-In) | Mailbox | Dynamic RPC | Bin\Store.exe |
| MSExchangeIS RPCEPMap (TCP-In) | Mailbox | RPC-EPMap | Bin\Store.exe |
| MSExchangeIS (GFW) (TCP-In) | Mailbox | 6001, 6002, 6003, 6004 (TCP) | Any |
| MSExchangeIS (TCP-In) | Mailbox | 6001 (TCP) | Bin\Store.exe |
| MSExchangeMailboxAssistants - RPC (TCP-In) | Mailbox | Dynamic RPC | Bin\MSExchangeMailboxAssistants.exe |
| MSExchangeMailboxAssistants - RPCEPMap (TCP-In) | Mailbox | RPC-EPMap | Bin\MSExchangeMailboxAssistants.exe |
| MSExchangeMailSubmission - RPC (TCP-In) | Mailbox | Dynamic RPC | Bin\MSExchangeMailSubmission.exe |
| MSExchangeMailSubmission - RPCEPMap (TCP-In) | Mailbox | RPC-EPMap | Bin\MSExchangeMailSubmission.exe |
| MSExchangeMigration - RPC (TCP-In) | Mailbox | Dynamic RPC | Bin\MSExchangeMigration.exe |
| MSExchangeMigration - RPCEPMap (TCP-In) | Mailbox | RPC-EPMap | Bin\MSExchangeMigration.exe |
| MSExchangerepl - Log Copier (TCP-In) | Mailbox | 64327 (TCP) | Bin\MSExchangeRepl.exe |
| MSExchangerepl - RPC (TCP-In) | Mailbox | Dynamic RPC | Bin\MSExchangeRepl.exe |
| MSExchangerepl - RPC-EPMap (TCP-In) | Mailbox | RPC-EPMap | Bin\MSExchangeRepl.exe |
| MSExchangeSearch - RPC (TCP-In) | Mailbox | Dynamic RPC | Bin\Microsoft.Exchange.Search.ExSearch.exe |
| MSExchangeThrottling - RPC (TCP-In) | Mailbox | Dynamic RPC | Bin\MSExchangeThrottling.exe |
| MSExchangeThrottling - RPCEPMap (TCP-In) | Mailbox | RPC-EPMap | Bin\MSExchangeThrottling.exe |
| MSFTED - RPC (TCP-In) | Mailbox | Dynamic RPC | Bin\MSFTED.exe |
| MSFTED - RPCEPMap (TCP-In) | Mailbox | RPC-EPMap | Bin\MSFTED.exe |
| MSExchangeEdgeSync - RPC (TCP-In) | Hub Transport | Dynamic RPC | Bin\Microsoft.Exchange.EdgeSyncSvc.exe |
| MSExchangeEdgeSync - RPCEPMap (TCP-In) | Hub Transport | RPC-EPMap | Bin\Microsoft.Exchange.EdgeSyncSvc.exe |
| MSExchangeTransportWorker - RPC (TCP-In) | Hub Transport | Dynamic RPC | Bin\edgetransport.exe |
| MSExchangeTransportWorker - RPCEPMap (TCP-In) | Hub Transport | RPC-EPMap | Bin\edgetransport.exe |
| MSExchangeTransportWorker (GFW) (TCP-In) | Hub Transport | 25, 587 (TCP) | Any |
| MSExchangeTransportWorker (TCP-In) | Hub Transport | 25, 587 (TCP) | Bin\edgetransport.exe |
| MSExchangeTransportLogSearch - RPC (TCP-In) | Hub Transport, Edge Transport, Mailbox | Dynamic RPC | Bin\MSExchangeTransportLogSearch.exe |
| MSExchangeTransportLogSearch - RPCEPMap (TCP-In) | Hub Transport, Edge Transport, Mailbox | RPC-EPMap | Bin\MSExchangeTransportLogSearch.exe |
| SESWorker (GFW) (TCP-In) | Unified Messaging | Any | Any |
| SESWorker (TCP-In) | Unified Messaging | Any | UnifiedMessaging\SESWorker.exe |
| UMService (GFW) (TCP-In) | Unified Messaging | 5060, 5061 | Any |
| UMService (TCP-In) | Unified Messaging | 5060, 5061 | Bin\UMService.exe |
| UMWorkerProcess (GFW) (TCP-In) | Unified Messaging | 5065, 5066, 5067, 5068 | Any |
| UMWorkerProcess (TCP-In) | Unified Messaging | 5065, 5066, 5067, 5068 | Bin\UMWorkerProcess.exe |
| UMWorkerProcess - RPC (TCP-In) | Unified Messaging | Dynamic RPC | Bin\UMWorkerProcess.exe |
No comments:
Post a Comment