RE: firewall problem
there is a KB about that i think, have a search > > Hi, > Does anyone know about the original question which was why > exchange on Win2K > changes its ports and how it can be stopped? > many thanks > Vanessa > > -Original Message- > From: Couch, Nate [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 13:27 > To: Exchange Discussions > Subject: RE: firewall problem > > > What about monitoring of those servers in the DMZ? Do you > use PerfMon to > check queues or critical processes? If so, what ports are > needed there if > your monitoring workstation is on the other side of the DMZ? > Or do you > simply use some kind of paging system when it reaches a threshold? > > Nate Couch > EDS Messaging > > > -- > > From: Atkinson, Daniel > > Reply To: [EMAIL PROTECTED] > > Sent: Wednesday, December 12, 2001 06:42 > > To: [EMAIL PROTECTED] > > Subject:RE: firewall problem > > > > > > thanks for the information > > > > > -Original Message- > > > From: Olds, Dominic [mailto:[EMAIL PROTECTED]] > > > Sent: 12 December 2001 11:55 > > > To: Exchange Discussions > > > Subject: RE: firewall problem > > > > > > > > > Any open port is a potential security risk. This risk > > > increases with the > > > amount you "open up" on your firewall. Personally, I would > > > only ever allow > > > SMTP traffic to an (relay protected) exchange box inside > a firewall. > > > Anything else and I would relay from a box sitting in the DMZ > > > (for smtp, OWA > > > etc etc) thus meaning I only have to allow the RPC and stuff > > > for exchange > > > between 2 specifically defined boxes from the DMZ to the > > > internal network. > > > It will make your life easier if you open these ports right?? > > > So it follows > > > that a hacker's life becomes easier too. If you choose the > > > lazy route you > > > are likely to pay for it in other ways. > > > > > > Regards > > > > > > Dom. > > > > > > -Original Message- > > > From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] > > > Sent: 12 December 2001 11:46 > > > To: Exchange Discussions > > > Subject: RE: firewall problem > > > > > > > > > i'd like to open our exchange server through the > firewall, but my boss > > > thinks this is a 'massive security risk'. i think if i > open it just to > > > specified hosts, then that would be ok. what does anyone > else think? > > > > > > dan. > > > > > > > -Original Message- > > > > From: Watkins V [mailto:[EMAIL PROTECTED]] > > > > Sent: 12 December 2001 11:16 > > > > To: Exchange Discussions > > > > Subject: firewall problem > > > > > > > > > > > > Dear all, > > > > > > > > I have several exchange servers which work fine through a > > > > firewall except > > > > one, using the TechNet recommended ports for DS and IS of > > > > 1300 and 1301 > > > > respectively. The one that doesn't work is one which is > > > > running Win2K. The > > > > others run NT4. I have set the ports to 1300 and 1301 in the > > > > registry as > > > > usual, but the server is ignoring this fact. It is just > > > > using random ports > > > > and so I am having to change the firewall ports instead!!! > > > > The ports it > > > > uses change after every reboot, so obviously, this is > troublesome. > > > > Anyone have a fix for this? > > > > We are using Exchange 5.5 sp4 > > > > > > > > thanks > > > > Vanessa Watkins > > > > Network Manager > > > > Royal Holloway > > > > > > > > > _ > > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > > Archives: > http://www.swynk.com/sitesearch/search.asp > > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > > Exchange List admin:[EMAIL PROTECTED] > > > > > > > > > > _ > > > List posting FAQ: http://www.swinc.com/reso
RE: firewall problem
Hi, Does anyone know about the original question which was why exchange on Win2K changes its ports and how it can be stopped? many thanks Vanessa -Original Message- From: Couch, Nate [mailto:[EMAIL PROTECTED]] Sent: 12 December 2001 13:27 To: Exchange Discussions Subject: RE: firewall problem What about monitoring of those servers in the DMZ? Do you use PerfMon to check queues or critical processes? If so, what ports are needed there if your monitoring workstation is on the other side of the DMZ? Or do you simply use some kind of paging system when it reaches a threshold? Nate Couch EDS Messaging > -- > From: Atkinson, Daniel > Reply To: [EMAIL PROTECTED] > Sent: Wednesday, December 12, 2001 06:42 > To: [EMAIL PROTECTED] > Subject: RE: firewall problem > > > thanks for the information > > > -Original Message- > > From: Olds, Dominic [mailto:[EMAIL PROTECTED]] > > Sent: 12 December 2001 11:55 > > To: Exchange Discussions > > Subject: RE: firewall problem > > > > > > Any open port is a potential security risk. This risk > > increases with the > > amount you "open up" on your firewall. Personally, I would > > only ever allow > > SMTP traffic to an (relay protected) exchange box inside a firewall. > > Anything else and I would relay from a box sitting in the DMZ > > (for smtp, OWA > > etc etc) thus meaning I only have to allow the RPC and stuff > > for exchange > > between 2 specifically defined boxes from the DMZ to the > > internal network. > > It will make your life easier if you open these ports right?? > > So it follows > > that a hacker's life becomes easier too. If you choose the > > lazy route you > > are likely to pay for it in other ways. > > > > Regards > > > > Dom. > > > > -Original Message- > > From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] > > Sent: 12 December 2001 11:46 > > To: Exchange Discussions > > Subject: RE: firewall problem > > > > > > i'd like to open our exchange server through the firewall, but my boss > > thinks this is a 'massive security risk'. i think if i open it just to > > specified hosts, then that would be ok. what does anyone else think? > > > > dan. > > > > > -Original Message- > > > From: Watkins V [mailto:[EMAIL PROTECTED]] > > > Sent: 12 December 2001 11:16 > > > To: Exchange Discussions > > > Subject: firewall problem > > > > > > > > > Dear all, > > > > > > I have several exchange servers which work fine through a > > > firewall except > > > one, using the TechNet recommended ports for DS and IS of > > > 1300 and 1301 > > > respectively. The one that doesn't work is one which is > > > running Win2K. The > > > others run NT4. I have set the ports to 1300 and 1301 in the > > > registry as > > > usual, but the server is ignoring this fact. It is just > > > using random ports > > > and so I am having to change the firewall ports instead!!! > > > The ports it > > > uses change after every reboot, so obviously, this is troublesome. > > > Anyone have a fix for this? > > > We are using Exchange 5.5 sp4 > > > > > > thanks > > > Vanessa Watkins > > > Network Manager > > > Royal Holloway > > > > > > _ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > Exchange List admin:[EMAIL PROTECTED] > > > > > > > _ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin:[EMAIL PROTECTED] > > > > _ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin:[EMAIL PROTECTED] > > > > _ > List posting FAQ: http://www.swi
RE: firewall problem
What about monitoring of those servers in the DMZ? Do you use PerfMon to check queues or critical processes? If so, what ports are needed there if your monitoring workstation is on the other side of the DMZ? Or do you simply use some kind of paging system when it reaches a threshold? Nate Couch EDS Messaging > -- > From: Atkinson, Daniel > Reply To: [EMAIL PROTECTED] > Sent: Wednesday, December 12, 2001 06:42 > To: [EMAIL PROTECTED] > Subject: RE: firewall problem > > > thanks for the information > > > -Original Message- > > From: Olds, Dominic [mailto:[EMAIL PROTECTED]] > > Sent: 12 December 2001 11:55 > > To: Exchange Discussions > > Subject: RE: firewall problem > > > > > > Any open port is a potential security risk. This risk > > increases with the > > amount you "open up" on your firewall. Personally, I would > > only ever allow > > SMTP traffic to an (relay protected) exchange box inside a firewall. > > Anything else and I would relay from a box sitting in the DMZ > > (for smtp, OWA > > etc etc) thus meaning I only have to allow the RPC and stuff > > for exchange > > between 2 specifically defined boxes from the DMZ to the > > internal network. > > It will make your life easier if you open these ports right?? > > So it follows > > that a hacker's life becomes easier too. If you choose the > > lazy route you > > are likely to pay for it in other ways. > > > > Regards > > > > Dom. > > > > -Original Message- > > From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] > > Sent: 12 December 2001 11:46 > > To: Exchange Discussions > > Subject: RE: firewall problem > > > > > > i'd like to open our exchange server through the firewall, but my boss > > thinks this is a 'massive security risk'. i think if i open it just to > > specified hosts, then that would be ok. what does anyone else think? > > > > dan. > > > > > -Original Message- > > > From: Watkins V [mailto:[EMAIL PROTECTED]] > > > Sent: 12 December 2001 11:16 > > > To: Exchange Discussions > > > Subject: firewall problem > > > > > > > > > Dear all, > > > > > > I have several exchange servers which work fine through a > > > firewall except > > > one, using the TechNet recommended ports for DS and IS of > > > 1300 and 1301 > > > respectively. The one that doesn't work is one which is > > > running Win2K. The > > > others run NT4. I have set the ports to 1300 and 1301 in the > > > registry as > > > usual, but the server is ignoring this fact. It is just > > > using random ports > > > and so I am having to change the firewall ports instead!!! > > > The ports it > > > uses change after every reboot, so obviously, this is troublesome. > > > Anyone have a fix for this? > > > We are using Exchange 5.5 sp4 > > > > > > thanks > > > Vanessa Watkins > > > Network Manager > > > Royal Holloway > > > > > > _ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > Exchange List admin:[EMAIL PROTECTED] > > > > > > > _ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin:[EMAIL PROTECTED] > > > > _ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin:[EMAIL PROTECTED] > > > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > > _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: firewall problem
Too risky IMHO.. 80 25 & 110 only over here I'm afraid.. B --Original Message- From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] Sent: 12 December 2001 02:42 To: Exchange Discussions Subject: RE: firewall problem you mean if they spoofed the IP address? well our PIX takes care of that, to a point > -Original Message- > From: Brent Hudson [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 12:00 > To: Exchange Discussions > Subject: RE: firewall problem > > > How would you know if the hosts attached (seeming to be specified) are > actually the hosts you specified? > .. you would not. > > B > -Original Message- > From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 01:46 > To: Exchange Discussions > Subject: RE: firewall problem > > > i'd like to open our exchange server through the firewall, but my boss > thinks this is a 'massive security risk'. i think if i open it just to > specified hosts, then that would be ok. what does anyone else think? > > dan. > > > -Original Message- > > From: Watkins V [mailto:[EMAIL PROTECTED]] > > Sent: 12 December 2001 11:16 > > To: Exchange Discussions > > Subject: firewall problem > > > > > > Dear all, > > > > I have several exchange servers which work fine through a > > firewall except > > one, using the TechNet recommended ports for DS and IS of > > 1300 and 1301 > > respectively. The one that doesn't work is one which is > > running Win2K. The > > others run NT4. I have set the ports to 1300 and 1301 in the > > registry as > > usual, but the server is ignoring this fact. It is just > > using random ports > > and so I am having to change the firewall ports instead!!! > > The ports it > > uses change after every reboot, so obviously, this is troublesome. > > Anyone have a fix for this? > > We are using Exchange 5.5 sp4 > > > > thanks > > Vanessa Watkins > > Network Manager > > Royal Holloway > > > > _ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin:[EMAIL PROTECTED] > > > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: firewall problem
thanks for the information > -Original Message- > From: Olds, Dominic [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 11:55 > To: Exchange Discussions > Subject: RE: firewall problem > > > Any open port is a potential security risk. This risk > increases with the > amount you "open up" on your firewall. Personally, I would > only ever allow > SMTP traffic to an (relay protected) exchange box inside a firewall. > Anything else and I would relay from a box sitting in the DMZ > (for smtp, OWA > etc etc) thus meaning I only have to allow the RPC and stuff > for exchange > between 2 specifically defined boxes from the DMZ to the > internal network. > It will make your life easier if you open these ports right?? > So it follows > that a hacker's life becomes easier too. If you choose the > lazy route you > are likely to pay for it in other ways. > > Regards > > Dom. > > -Original Message- > From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 11:46 > To: Exchange Discussions > Subject: RE: firewall problem > > > i'd like to open our exchange server through the firewall, but my boss > thinks this is a 'massive security risk'. i think if i open it just to > specified hosts, then that would be ok. what does anyone else think? > > dan. > > > -Original Message- > > From: Watkins V [mailto:[EMAIL PROTECTED]] > > Sent: 12 December 2001 11:16 > > To: Exchange Discussions > > Subject: firewall problem > > > > > > Dear all, > > > > I have several exchange servers which work fine through a > > firewall except > > one, using the TechNet recommended ports for DS and IS of > > 1300 and 1301 > > respectively. The one that doesn't work is one which is > > running Win2K. The > > others run NT4. I have set the ports to 1300 and 1301 in the > > registry as > > usual, but the server is ignoring this fact. It is just > > using random ports > > and so I am having to change the firewall ports instead!!! > > The ports it > > uses change after every reboot, so obviously, this is troublesome. > > Anyone have a fix for this? > > We are using Exchange 5.5 sp4 > > > > thanks > > Vanessa Watkins > > Network Manager > > Royal Holloway > > > > _ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin:[EMAIL PROTECTED] > > > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: firewall problem
you mean if they spoofed the IP address? well our PIX takes care of that, to a point > -Original Message- > From: Brent Hudson [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 12:00 > To: Exchange Discussions > Subject: RE: firewall problem > > > How would you know if the hosts attached (seeming to be specified) are > actually the hosts you specified? > .. you would not. > > B > -Original Message- > From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 01:46 > To: Exchange Discussions > Subject: RE: firewall problem > > > i'd like to open our exchange server through the firewall, but my boss > thinks this is a 'massive security risk'. i think if i open it just to > specified hosts, then that would be ok. what does anyone else think? > > dan. > > > -Original Message- > > From: Watkins V [mailto:[EMAIL PROTECTED]] > > Sent: 12 December 2001 11:16 > > To: Exchange Discussions > > Subject: firewall problem > > > > > > Dear all, > > > > I have several exchange servers which work fine through a > > firewall except > > one, using the TechNet recommended ports for DS and IS of > > 1300 and 1301 > > respectively. The one that doesn't work is one which is > > running Win2K. The > > others run NT4. I have set the ports to 1300 and 1301 in the > > registry as > > usual, but the server is ignoring this fact. It is just > > using random ports > > and so I am having to change the firewall ports instead!!! > > The ports it > > uses change after every reboot, so obviously, this is troublesome. > > Anyone have a fix for this? > > We are using Exchange 5.5 sp4 > > > > thanks > > Vanessa Watkins > > Network Manager > > Royal Holloway > > > > _ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin:[EMAIL PROTECTED] > > > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: firewall problem
How would you know if the hosts attached (seeming to be specified) are actually the hosts you specified? .. you would not. B -Original Message- From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] Sent: 12 December 2001 01:46 To: Exchange Discussions Subject: RE: firewall problem i'd like to open our exchange server through the firewall, but my boss thinks this is a 'massive security risk'. i think if i open it just to specified hosts, then that would be ok. what does anyone else think? dan. > -Original Message- > From: Watkins V [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 11:16 > To: Exchange Discussions > Subject: firewall problem > > > Dear all, > > I have several exchange servers which work fine through a > firewall except > one, using the TechNet recommended ports for DS and IS of > 1300 and 1301 > respectively. The one that doesn't work is one which is > running Win2K. The > others run NT4. I have set the ports to 1300 and 1301 in the > registry as > usual, but the server is ignoring this fact. It is just > using random ports > and so I am having to change the firewall ports instead!!! > The ports it > uses change after every reboot, so obviously, this is troublesome. > Anyone have a fix for this? > We are using Exchange 5.5 sp4 > > thanks > Vanessa Watkins > Network Manager > Royal Holloway > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: firewall problem
Any open port is a potential security risk. This risk increases with the amount you "open up" on your firewall. Personally, I would only ever allow SMTP traffic to an (relay protected) exchange box inside a firewall. Anything else and I would relay from a box sitting in the DMZ (for smtp, OWA etc etc) thus meaning I only have to allow the RPC and stuff for exchange between 2 specifically defined boxes from the DMZ to the internal network. It will make your life easier if you open these ports right?? So it follows that a hacker's life becomes easier too. If you choose the lazy route you are likely to pay for it in other ways. Regards Dom. -Original Message- From: Atkinson, Daniel [mailto:[EMAIL PROTECTED]] Sent: 12 December 2001 11:46 To: Exchange Discussions Subject: RE: firewall problem i'd like to open our exchange server through the firewall, but my boss thinks this is a 'massive security risk'. i think if i open it just to specified hosts, then that would be ok. what does anyone else think? dan. > -Original Message- > From: Watkins V [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 11:16 > To: Exchange Discussions > Subject: firewall problem > > > Dear all, > > I have several exchange servers which work fine through a > firewall except > one, using the TechNet recommended ports for DS and IS of > 1300 and 1301 > respectively. The one that doesn't work is one which is > running Win2K. The > others run NT4. I have set the ports to 1300 and 1301 in the > registry as > usual, but the server is ignoring this fact. It is just > using random ports > and so I am having to change the firewall ports instead!!! > The ports it > uses change after every reboot, so obviously, this is troublesome. > Anyone have a fix for this? > We are using Exchange 5.5 sp4 > > thanks > Vanessa Watkins > Network Manager > Royal Holloway > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: firewall problem
i'd like to open our exchange server through the firewall, but my boss thinks this is a 'massive security risk'. i think if i open it just to specified hosts, then that would be ok. what does anyone else think? dan. > -Original Message- > From: Watkins V [mailto:[EMAIL PROTECTED]] > Sent: 12 December 2001 11:16 > To: Exchange Discussions > Subject: firewall problem > > > Dear all, > > I have several exchange servers which work fine through a > firewall except > one, using the TechNet recommended ports for DS and IS of > 1300 and 1301 > respectively. The one that doesn't work is one which is > running Win2K. The > others run NT4. I have set the ports to 1300 and 1301 in the > registry as > usual, but the server is ignoring this fact. It is just > using random ports > and so I am having to change the firewall ports instead!!! > The ports it > uses change after every reboot, so obviously, this is troublesome. > Anyone have a fix for this? > We are using Exchange 5.5 sp4 > > thanks > Vanessa Watkins > Network Manager > Royal Holloway > > _ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin:[EMAIL PROTECTED] > _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]