New Member

Ports to talk to MS EXCHANGE server as BDC to AD domain?

I have an Exchange server (that is a Backup Domain Controller) that is on the outside of the PIX. We had an AD machine alongside it for a while. I've moved the AD server to the inside.

Now I need to talk to the BDC, and have it respond to the AD on the inside.

What port would I need to get this to work right?

Thanks,

Scott<-

4 REPLIES
New Member

Re: Ports to talk to MS EXCHANGE server as BDC to AD domain?

First why do you have your exchange server on the outside of the PIX??

I'm assuming you're working with Windows 2000 because you said "AD", but AD and BDC don't go together, so I'm not sure what all you have going on. If you merely need your Exchange server (2000) to talk to an Active Directory domain controller on the inside network, you will need to open the following ports.

access-list dmz_access_in permit tcp host pcrmc-owa host pcrmc-adc2 eq domain

access-list dmz_access_in permit tcp host pcrmc-owa host pcrmc-adc2 eq 88

access-list dmz_access_in permit tcp host pcrmc-owa host pcrmc-adc2 eq 123

access-list dmz_access_in permit tcp host pcrmc-owa host pcrmc-adc2 eq 135

access-list dmz_access_in permit tcp host pcrmc-owa host pcrmc-adc2 eq 139

access-list dmz_access_in permit tcp host pcrmc-owa host pcrmc-adc2 eq 389

access-list dmz_access_in permit tcp host pcrmc-owa host pcrmc-adc2 eq 445

access-list dmz_access_in permit tcp host pcrmc-owa host pcrmc-adc2 eq 3268

access-list dmz_access_in permit tcp host pcrmc-owa host pcrmc-adc2 eq 20000

access-list dmz_access_in permit udp host pcrmc-owa host pcrmc-adc2 eq domain

access-list dmz_access_in permit udp host pcrmc-owa host pcrmc-adc2 eq 88

access-list dmz_access_in permit udp host pcrmc-owa host pcrmc-adc2 eq netbios-ns

access-list dmz_access_in permit udp host pcrmc-owa host pcrmc-adc2 eq 389

Hope this helps.

J
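
Added example, not part of the original reply: a short Python audit that parses PIX `access-list` lines of the form used above, labels each port with the service conventionally found on it, and flags entries to double-check before they go onto the firewall. The service table and the wording of the notes are this example's own assumptions; the ACL lines and hostnames are the ones from the reply.

```python
import re

# PIX port keywords that appear in the ACL above, as numbers.
KEYWORDS = {"domain": 53, "netbios-ns": 137}

# Example's own table: service conventionally found on each port, by protocol.
AD_SERVICES = {
    53: {"tcp": "DNS", "udp": "DNS"},
    88: {"tcp": "Kerberos", "udp": "Kerberos"},
    123: {"udp": "NTP"},
    135: {"tcp": "RPC endpoint mapper"},
    137: {"udp": "NetBIOS name service"},
    139: {"tcp": "NetBIOS session"},
    389: {"tcp": "LDAP", "udp": "LDAP"},
    445: {"tcp": "SMB"},
    3268: {"tcp": "Global Catalog LDAP"},
}

ACL_RE = re.compile(r"^access-list\s+\S+\s+permit\s+(tcp|udp)\s+host\s+(\S+)"
                    r"\s+host\s+(\S+)\s+eq\s+(\S+)$")

def audit(acl_text):
    """Return (proto, port, service, note) for each host-to-host permit line."""
    findings = []
    for line in acl_text.splitlines():
        m = ACL_RE.match(line.strip())
        if not m:
            continue  # blank line or a rule form this sketch does not parse
        proto, tok = m.group(1), m.group(4)
        port = KEYWORDS.get(tok, int(tok) if tok.isdigit() else None)
        by_proto = AD_SERVICES.get(port, {})
        service = by_proto.get(proto)
        if service:
            note = ""
        elif by_proto:  # known port, but listed here on the other transport
            other, name = next(iter(by_proto.items()))
            note = f"{name} normally runs over {other}, not {proto}"
        else:
            note = "not in the table; confirm what listens here"
        findings.append((proto, port if port is not None else tok, service, note))
    return findings

# The ACL from the reply above (hostnames are the poster's).
SAMPLE_ACL = "\n".join(
    f"access-list dmz_access_in permit {p} host pcrmc-owa host pcrmc-adc2 eq {q}"
    for p, q in [("tcp", "domain"), ("tcp", 88), ("tcp", 123), ("tcp", 135),
                 ("tcp", 139), ("tcp", 389), ("tcp", 445), ("tcp", 3268),
                 ("tcp", 20000), ("udp", "domain"), ("udp", 88),
                 ("udp", "netbios-ns"), ("udp", 389)])

if __name__ == "__main__":
    for proto, port, service, note in audit(SAMPLE_ACL):
        print(f"{proto}/{port:<6} {service or '?':<22} {note}")
```

Run against the list above, it flags two rules for review: `tcp ... eq 123` and `tcp ... eq 20000`.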

New Member

Re: Ports to talk to MS EXCHANGE server as BDC to AD domain?

I would not even recommend making this work. If you are going to use MS Exchange I would put that on the inside with the rest of the network and install a mail relay / gateway on the dmz.

Regards,

Jason Brown

CCIE #10833

New Member

Re: Ports to talk to MS EXCHANGE server as BDC to AD domain?

I've been getting slammed for this post all over the place. The server is between firewalls. We are migrating from one to another. The first one will go away and I'm moving all the servers behind the 2nd one. Though I still have some users between the firewalls that will still need to access the Exchange server.

If I set it up that way, how can the users use Outlook to connect to the server to get the mail? Outlook XP uses more than just the POP and SMTP ports to get to the mailbox...

Thanks,

Scott<-

New Member

Re: Ports to talk to MS EXCHANGE server as BDC to AD domain?

I've caught myself saying the same thing about BDCs on an AD domain, though it's possible. (-; You cannot create one, but you can have ones that are existing from an upgrade from NT to AD if your network still has NT servers as BDCs on it. Mixed Mode I believe is what it's called. (-;

I've been getting slammed for this post all over the place. The server is between firewalls. We are migrating from one to another. The first one will go away and I'm moving all the servers behind the 2nd one. Though I still have some users between the firewalls that will still need to access the Exchange server.

I'll have to figure out the DMZ to make sure I have my ducks in a row. I have yet to look into how the DMZ is supposed to be set up. I know the principle behind it, though I'm not sure where the 3rd subnet comes into play.

Scott<-
