Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Outlook to Exchange thru Firewall

Status
Not open for further replies.

SLG

MIS
Dec 19, 2001
106
US
I have what I hope is a simple question but I have not be able to find a simple answer on Google. I need to know what ports to open on my firewall to access my Exchange server with Outlook.
Before you answer, here is my dilemma;
My Exchange 2003 server is in my small office (3 users) behind a firewall. I only have 1 IP address and can not get another without shelling out some money for a new firewall that supports multiple IPs and for the additional IPs. I'd rather not do that if I don't have to. I would like to use RCP over HTTP/S but I am already pointing port 80/443 to my web server. I would setup a VPN, but I am already running a VPN to my other office.
So my question(s) is; What ports do I need to open for Outlook 2003 to work with Exchange over the net (assume security is not an issue)? OR, Is it possible to change the port that RCP over HTTP/S works with on the client? I have OWA running on port 8080 and it works fine...so can I point RCP over HTTP to point to 8080 somehow?
Thanks in advance!
 
you can't change the port. New firewall or DMZ on 443 are required.
 
Do you have a seperate web server, or are you using SBS? If you are using SBS than pointing 80 and 443 to the server is all that is required in this regard to get RPCoHTTP and Web Services working together.
 
You can install an SSH server on the Email server and tunnel any port through the ssh session. SSH was originally designed for Unix but there is a Windows port here:
To access the SSH server you would use the putty client: .

All of the software I just mentioned is Open Source, and thus, free. SSH is encrypted and runs on Port 22. It works almost like a VPN and you can tunnel as many ports as you want through it.

When you say "access my Exchange server with Outlook", do you mean with remote desktop?



Business and Data Integrations
A Northern Virginia IT Service and Consulting Company
 
Response to Zelandakh: That makes me sad. :-(

Response to gmannatl: I have a separate Web server that requires ports 80 and 443.

Response to bdintegrations: I'm not sure I understand how SSH for Windows would work in the situation? How would I configure it to work with Outlook/Exchange?

Thanks for all the responses, I can't imagine I'm the only one in this situation. I am currently trying to get this " working but I'm not having much luck.
 
You could tunnel POP3/IMAP ports through SSH. You would not need RPC over HTTP/S anymore. On your client machine, with putty configured and running properly, you would point your email client software(Outlook) to:

127.0.0.1, port 110 for POP3
or
127.0.0.1, port 143 for IMAP

Once putty is running, it will listen on these ports on your client machine. Your email client will send traffic to 127.0.0.1:110 which putty will send to your email server in the "tunnel".

Just forward port 22 on your firewall to your email server.


Business and Data Integrations
A Northern Virginia IT Service and Consulting Company
 
You could tunnel POP3/IMAP ports through SSH. You would not need RPC over HTTP/S anymore.
POP3 and IMAP and NOT substitutes for RPC over HTTPS. They are not the same thing. With POP3/IMAP, you lose a LOT of functionality in Outlook. RPC over HTTPS gives all of the native features.

You need 80 and 443 going from the Internet to the Exchange server in order to use RPC over HTTPS. It's that simple.

Pat Richard MVP
 
POP3 and IMAP and NOT substitutes for RPC over HTTPS. They are not the same thing. With POP3/IMAP, you lose a LOT of functionality in Outlook. RPC over HTTPS gives all of the native features.
You need 80 and 443 going from the Internet to the Exchange server in order to use RPC over HTTPS. It's that simple.

That is true, but I am giving the poster options. The option I suggested may be better than nothing.

The poster can also tunnel "RPC over HTTP" through SSH which should work just as well.


Business and Data Integrations
A Northern Virginia IT Service and Consulting Company
 
Right, I need the full Outlook functionality or it does me no good. Do you have detailed instructions for tunneling RPC over HTTP through SSH?
 
-Install and configure SSH ( on the email server. There is a good readme doc that comes with the installer that will explain what you need to do. Basically, you have to tell SSH what users you want to create an SSH session.

-open up port 22 on the firewall

-download putty to your client

-configure putty by forwarding port 80(you shouldn't need to use 443; the SSH session is already encrypted). There are many good instructions on the internet such as:
-start the ssh session with putty

-configure your outlook client to point to 127.0.0.1, port 80

-test







Business and Data Integrations
A Northern Virginia IT Service and Consulting Company
 
I couldn't get it to work anyway (I'll admit I didn't put much effort in to it) so I am going to look into a VPN and scrap the VPN to my other office.
Thanks to all that replied!!
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top