Microsoft has published a new resource describing the network ports for clients and services in Exchange Server 2013.
Previous versions of Exchange Server have had this information published, and one of the unfortunate side effects of having that information available was that some customers tried to use it as the basis for placing restrictive firewalls between their Exchange servers, or trying to deploy unsupported scenarios such as placing Client Access servers in a perimeter network.
Perhaps that is one reason that this network ports guidance has been slow in coming out for Exchange Server 2013 as well. Either way, it’s available now and I’m sure it will be very interesting and useful to a lot of Exchange admins.
Be sure to read all the caveats.
This topic provides information about the network ports that are used by Microsoft Exchange Server 2013 for communication with email clients, Internet mail servers, and other services that are external to your local Exchange organization. Before we get into that, understand the following ground rules:
- We do not support restricting or altering network traffic between internal Exchange servers or between internal Exchange servers and internal Active Directory domain controllers in any and all types of topologies. If you have firewalls or network devices that could potentially restrict or alter this kind of network traffic, you need to configure rules that allow free and unrestricted communication between these servers (rules that allow incoming and outgoing network traffic on any port—including random RPC ports—and any protocol that never alter bits on the wire).
- Edge Transport servers are almost always located in a perimeter network, so it’s expected that you’ll restrict network traffic between the Edge Transport server and the Internet, and between the Edge Transport server and your internal Exchange organization. These network ports are described in this topic.
- It’s expected that you’ll restrict network traffic between external clients and services and your internal Exchange organization. It’s also OK if you decide to restrict network traffic between internal clients and internal Exchange servers. These network ports are described in this topic.
This article Network Ports for Clients and Mail Flow in Exchange 2013 is © 2015 ExchangeServerPro.com
Get more Exchange Server tips at ExchangeServerPro.com
