List of ports used by Exchange 2010

Today I wanted to post the list of communication ports used by Exchange 2010, since in our companies we often have several firewalls where, for security reasons, not all ports are open, and it can be hard to find the complete list of ports used by Exchange, domain controllers, Dynamics CRM, etc. Here are the ports used by Exchange 2010, for each of its roles.

Hub Transport role:

| Data path | Required ports | Default authentication | Supported authentication |
| --- | --- | --- | --- |
| Hub Transport server to Hub Transport server | 25/TCP (SMTP) | Kerberos | Kerberos |
| Hub Transport server to Edge Transport server | 25/TCP (SMTP) | Direct trust | Direct trust |
| Edge Transport server to Hub Transport server | 25/TCP (SMTP) | Direct trust | Direct trust |
| Edge Transport server to Edge Transport server | 25/TCP (SMTP) | Anonymous, Certificate | Anonymous, Certificate |
| Mailbox server to Hub Transport server via the Microsoft Exchange Mail Submission Service | 135/TCP (RPC) | NTLM. If the Hub Transport and the Mailbox server roles are on the same server, Kerberos is used. | NTLM/Kerberos |
| Hub Transport to Mailbox server via MAPI | 135/TCP (RPC) | NTLM. If the Hub Transport and the Mailbox server roles are on the same server, Kerberos is used. | NTLM/Kerberos |
| Unified Messaging server to Hub Transport server | 25/TCP (SMTP) | Kerberos | Kerberos |
| Microsoft Exchange EdgeSync service from Hub Transport server to Edge Transport server | 50636/TCP (SSL) | Basic | Basic |
| Active Directory access from Hub Transport server | 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) | Kerberos | Kerberos |
| Active Directory Rights Management Services (AD RMS) access from Hub Transport server | 443/TCP (HTTPS) | NTLM/Kerberos | NTLM/Kerberos |
| SMTP clients to Hub Transport server (for example, end-users using Windows Live Mail) | 587 (SMTP), 25/TCP (SMTP) | NTLM/Kerberos | NTLM/Kerberos |
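
As an added example (not part of the original post), the Python sketch below parses "Required ports" cells from the Hub Transport table and compares them with a per-path firewall allow-list, reporting openings that are missing and openings the table does not call for. The allow-list values and the function names are constructed for illustration, and an entry with no protocol, such as 587 (SMTP), is assumed to be TCP.

```python
import re

# "Required ports" cells copied from the Hub Transport table above.
HUB_TRANSPORT_PATHS = {
    "Hub Transport server to Edge Transport server": "25/TCP (SMTP)",
    "EdgeSync from Hub Transport to Edge Transport": "50636/TCP (SSL)",
    "Active Directory access from Hub Transport server":
        "389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), "
        "53/TCP/UDP (DNS), 135/TCP (RPC netlogon)",
    "SMTP clients to Hub Transport server": "587 (SMTP), 25/TCP (SMTP)",
}

# Constructed sample: flows the firewall currently permits for each data path.
ALLOWED = {
    "Hub Transport server to Edge Transport server": {(25, "TCP"), (445, "TCP")},
    "Active Directory access from Hub Transport server": {
        (389, "TCP"), (3268, "TCP"), (88, "TCP"), (88, "UDP"),
        (53, "UDP"), (135, "TCP")},
    "SMTP clients to Hub Transport server": {(25, "TCP")},
}

def parse_ports(cell):
    """Turn a 'Required ports' cell into a set of (port, protocol) pairs."""
    flows = set()
    for item in cell.split(","):
        m = re.match(r"\s*(\d+)((?:/(?:TCP|UDP))*)", item)
        if not m:
            continue
        # Assumption: an entry with no protocol (e.g. "587 (SMTP)") means TCP.
        protos = [p for p in m.group(2).split("/") if p] or ["TCP"]
        flows.update((int(m.group(1)), p) for p in protos)
    return flows

def audit(paths, allowed):
    """For each data path, list required flows not permitted and extra ones."""
    report = {}
    for name, cell in paths.items():
        required = parse_ports(cell)
        permitted = allowed.get(name, set())
        report[name] = {"missing": sorted(required - permitted),
                        "excess": sorted(permitted - required)}
    return report

if __name__ == "__main__":
    for name, result in audit(HUB_TRANSPORT_PATHS, ALLOWED).items():
        print(name, result)
```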

 

 

Mailbox role:

| Data path | Required ports | Default authentication | Supported authentication |
| --- | --- | --- | --- |
| Active Directory access | 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) | Kerberos | Kerberos |
| Admin remote access (Remote Registry) | 135/TCP (RPC) | NTLM/Kerberos | NTLM/Kerberos |
| Admin remote access (SMB/File) | 445/TCP (SMB) | NTLM/Kerberos | NTLM/Kerberos |
| Availability Web service (Client Access to Mailbox) | 135/TCP (RPC) | NTLM/Kerberos | NTLM/Kerberos |
| Clustering | 135/TCP (RPC) See Notes on Mailbox Servers after this table. | NTLM/Kerberos | NTLM/Kerberos |
| Content indexing | 135/TCP (RPC) | NTLM/Kerberos | NTLM/Kerberos |
| Log shipping | 64327 (customizable) | NTLM/Kerberos | NTLM/Kerberos |
| Seeding | 64327 (customizable) | NTLM/Kerberos | NTLM/Kerberos |
| Volume shadow copy service (VSS) backup | Local Message Block (SMB) | NTLM/Kerberos | NTLM/Kerberos |
| Mailbox Assistants | 135/TCP (RPC) | NTLM/Kerberos | NTLM/Kerberos |
| MAPI access | 135/TCP (RPC) | NTLM/Kerberos | NTLM/Kerberos |
| Microsoft Exchange Active Directory Topology service access | 135/TCP (RPC) | NTLM/Kerberos | NTLM/Kerberos |
| Microsoft Exchange System Attendant service legacy access (Listen to requests) | 135/TCP (RPC) | NTLM/Kerberos | NTLM/Kerberos |
| Microsoft Exchange System Attendant service legacy access to Active Directory | 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) | Kerberos | Kerberos |
| Microsoft Exchange System Attendant service legacy access (As MAPI client) | 135/TCP (RPC) | NTLM/Kerberos | NTLM/Kerberos |
| Offline address book (OAB) accessing Active Directory | 135/TCP (RPC) | Kerberos | Kerberos |
| Outlook accessing OAB | 80/TCP, 443/TCP (SSL) | NTLM/Kerberos | NTLM/Kerberos |
| Recipient Update Service RPC access | 135/TCP (RPC) | Kerberos | Kerberos |
| Recipient update to Active Directory | 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) | Kerberos | Kerberos |

CAS role:

| Data path | Required ports | Default authentication | Supported authentication |
| --- | --- | --- | --- |
| Active Directory access | 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) | Kerberos | Kerberos |
| Autodiscover service | 80/TCP, 443/TCP (SSL) | Basic/Integrated Windows authentication (Negotiate) | Basic, Digest, NTLM, Negotiate (Kerberos) |
| Availability service | 80/TCP, 443/TCP (SSL) | NTLM/Kerberos | NTLM, Kerberos |
| Outlook Web App | 80/TCP, 443/TCP (SSL) | Forms Based Authentication | Basic, Digest, Forms Based Authentication, NTLM (v2 only), Kerberos, Certificate |
| POP3 | 110/TCP (TLS), 995/TCP (SSL) | Basic, Kerberos | Basic, Kerberos |
| IMAP4 | 143/TCP (TLS), 993/TCP (SSL) | Basic, Kerberos | Basic, Kerberos |
| Outlook Anywhere (formerly known as RPC over HTTP) | 80/TCP, 443/TCP (SSL) | Basic | Basic or NTLM |

Unified Messaging role:

| Data path | Required ports | Default authentication | Supported authentication |
| --- | --- | --- | --- |
| Active Directory access | 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) | Kerberos | Kerberos |
| Unified Messaging Phone interaction (IP PBX/VoIP Gateway) | 5060/TCP, 5065/TCP, 5067/TCP (unsecured), 5061/TCP, 5066/TCP, 5068/TCP (secured), a dynamic port from the range 16000-17000/TCP (control), dynamic UDP ports from the range 1024-65535/UDP (RTP) | By IP address | By IP address, MTLS |
| Unified Messaging Web Service | 80/TCP, 443/TCP (SSL) | Integrated Windows authentication (Negotiate) | Basic, Digest, NTLM, Negotiate (Kerberos) |
| Unified Messaging server to Client Access server | 5075, 5076, 5077 (TCP) | Integrated Windows authentication (Negotiate) | Basic, Digest, NTLM, Negotiate (Kerberos) |
| Unified Messaging server to Client Access server (Play on Phone) | Dynamic RPC | NTLM/Kerberos | NTLM/Kerberos |
| Unified Messaging server to Hub Transport server | 25/TCP (TLS) | Kerberos | Kerberos |
| Unified Messaging server to Mailbox server | 135/TCP (RPC) | NTLM/Kerberos | NTLM/Kerberos |

Regards,
