Exchange 2010 Port Bilgileri

closeBu yazı 7 yıl 2 gün önce yayınlanmış olduğundan güncelliğini yitirmiş veya içeriğindeki bilgilerin geçerliliği kaybolmuş olabilir. Herhangi bir yanlış anlaşılmadan bu site sorumlu değildir.

Mailbox Servers

Data path Required ports Default authentication Supported authentication Encryption supported? Encrypted by default?
Active Directory access 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) Kerberos Kerberos Yes, using Kerberos encryption Yes
Admin remote access (Remote Registry) 135/TCP (RPC) NTLM/Kerberos NTLM/Kerberos Yes, using IPsec No
Admin remote access (SMB/File) 445/TCP (SMB) NTLM/Kerberos NTLM/Kerberos Yes, using IPsec No
Availability Web service (Client Access to Mailbox) 135/TCP (RPC) NTLM/Kerberos NTLM/Kerberos Yes, using RPC encryption Yes
Clustering 135/TCP (RPC) See Notes on Mailbox Servers after this table. NTLM/Kerberos NTLM/Kerberos Yes, using IPsec No
Content indexing 135/TCP (RPC) NTLM/Kerberos NTLM/Kerberos Yes, using RPC encryption Yes
Log shipping 64327 (customizable) NTLM/Kerberos NTLM/Kerberos Yes No
Seeding 64327 (customizable) NTLM/Kerberos NTLM/Kerberos Yes No
Volume shadow copy service (VSS) backup Local Message Block (SMB) NTLM/Kerberos NTLM/Kerberos No No
Mailbox Assistants 135/TCP (RPC) NTLM/Kerberos NTLM/Kerberos No No
MAPI access 135/TCP (RPC) NTLM/Kerberos NTLM/Kerberos Yes, using RPC encryption Yes
Microsoft Exchange Active Directory Topology service access 135/TCP (RPC) NTLM/Kerberos NTLM/Kerberos Yes, using RPC encryption Yes
Microsoft Exchange System Attendant service legacy access (Listen to requests) 135/TCP (RPC) NTLM/Kerberos NTLM/Kerberos No No
Microsoft Exchange System Attendant service legacy access to Active Directory 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) Kerberos Kerberos Yes, using Kerberos encryption Yes
Microsoft Exchange System Attendant service legacy access (As MAPI client) 135/TCP (RPC) NTLM/Kerberos NTLM/Kerberos Yes, using RPC encryption Yes
Offline address book (OAB) accessing Active Directory 135/TCP (RPC) Kerberos Kerberos Yes, using RPC encryption Yes
Outlook accessing OAB 80/TCP, 443/TCP (SSL) NTLM/Kerberos NTLM/Kerberos Yes, using HTTPS No
Recipient Update Service RPC access 135/TCP (RPC) Kerberos Kerberos Yes, using RPC encryption Yes
Recipient update to Active Directory 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) Kerberos Kerberos Yes, using Kerberos encryption Yes

Client Access Servers

Data path Required ports Default authentication Supported authentication Encryption supported? Encrypted by default?
Active Directory access 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) Kerberos Kerberos Yes, using Kerberos encryption Yes
Autodiscover service 80/TCP, 443/TCP (SSL) Basic/Integrated Windows authentication (Negotiate) Basic, Digest, NTLM, Negotiate (Kerberos) Yes, using HTTPS Yes
Availability service 80/TCP, 443/TCP (SSL) NTLM/Kerberos NTLM, Kerberos Yes, using HTTPS Yes
Outlook Web App 80/TCP, 443/TCP (SSL) Forms Based Authentication Basic, Digest, Forms Based Authentication, NTLM (v2 only), Kerberos, Certificate Yes, using HTTPS Yes, using a self-signed certificate
POP3 110/TCP (TLS), 995/TCP (SSL) Basic, Kerberos Basic, Kerberos Yes, using SSL, TLS Yes
IMAP4 143/TCP (TLS), 993/TCP (SSL) Basic, Kerberos Basic, Kerberos Yes, using SSL, TLS Yes
Outlook Anywhere (formerly known as RPC over HTTP ) 80/TCP, 443/TCP (SSL) Basic Basic or NTLM Yes, using HTTPS Yes
Exchange ActiveSync application 80/TCP, 443/TCP (SSL) Basic Basic, Certificate Yes, using HTTPS Yes
Client Access server to Unified Messaging server 5060/TCP, 5061/TCP, 5062/TCP, a dynamic port By IP address By IP address Yes, using Session Initiation Protocol (SIP) over TLS Yes
Client Access server to a Mailbox server that is running an earlier version of Exchange Server 80/TCP, 443/TCP (SSL) NTLM/Kerberos Negotiate (Kerberos with fallback to NTLM or optionally Basic,) POP/IMAP plain text Yes, using IPsec No
Client Access server to Exchange 2010 Mailbox server RPC. See Notes on Client Access Servers. Kerberos NTLM/Kerberos Yes, using RPC encryption Yes
Client Access server to Client Access server (Exchange ActiveSync) 80/TCP, 443/TCP (SSL) Kerberos Kerberos, Certificate Yes, using HTTPS Yes, using a self-signed certificate
Client Access server to Client Access server (Outlook Web Access) 80/TCP, 443/TCP (HTTPS) Kerberos Kerberos Yes, using SSL Yes
Client Access server to Client Access server (Exchange Web Services) 443/TCP (HTTPS) Kerberos Kerberos Yes, using SSL Yes
Client Access server to Client Access server (POP3) 995 (SSL) Basic Basic Yes, using SSL Yes
Client Access server to Client Access server (IMAP4) 993 (SSL) Baisc Basic Yes, using SSL Yes

Unified Messaging Servers

Data path Required ports Default authentication Supported authentication Encryption supported? Encrypted by default?
Active Directory access 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) Kerberos Kerberos Yes, using Kerberos encryption Yes
Unified Messaging Phone interaction (IP PBX/VoIP Gateway) 5060/TCP , 5065/TCP, 5067/TCP (unsecured), 5061/TCP, 5066/TCP, 5068/TCP (secured), a dynamic port from the range 16000-17000/TCP (control), dynamic UDP ports from the range 1024-65535/UDP (RTP) By IP address By IP address, MTLS Yes, using SIP/TLS, SRTP No
Unified Messaging Web Service 80/TCP, 443/TCP (SSL) Integrated Windows authentication (Negotiate) Basic, Digest, NTLM, Negotiate (Kerberos) Yes, using SSL Yes
Unified Messaging server to Client Access server 5075, 5076, 5077 (TCP) Integrated Windows authentication (Negotiate) Basic, Digest, NTLM, Negotiate (Kerberos) Yes, using SSL Yes
Unified Messaging server to Client Access server (Play on Phone) Dynamic RPC NTLM/Kerberos NTLM/Kerberos Yes, using RPC encryption Yes
Unified Messaging server to Hub Transport server 25/TCP (TLS) Kerberos Kerberos Yes, using TLS Yes
Unified Messaging server to Mailbox server 135/TCP (RPC) NTLM/Kerberos NTLM/Kerberos Yes, using RPC encryption Yes

Transport Servers

Data path Required Ports Default authentication Supported authentication Encryption supported? Encrypted by default?
Hub Transport server to Hub Transport server 25/TCP (SMTP) Kerberos Kerberos Yes, using Transport Layer Security (TLS) Yes
Hub Transport server to Edge Transport server 25/TCP (SMTP) Direct trust Direct trust Yes, using TLS Yes
Edge Transport server to Hub Transport server 25/TCP (SMTP) Direct trust Direct trust Yes, using TLS Yes
Edge Transport server to Edge Transport server 25/TCP SMTP Anonymous, Certificate Anonymous, Certificate Yes, using TLS Yes
Mailbox server to Hub Transport server via the Microsoft Exchange Mail Submission Service 135/TCP (RPC) NTLM. If the Hub Transport and the Mailbox server roles are on the same server, Kerberos is used. NTLM/Kerberos Yes, using RPC encryption Yes
Hub Transport to Mailbox server via MAPI 135/TCP (RPC) NTLM. If the Hub Transport and the Mailbox server roles are on the same server, Kerberos is used. NTLM/Kerberos Yes, using RPC encryption Yes
Unified Messaging server to Hub Transport server 25/TCP (SMTP) Kerberos Kerberos Yes, using TLS Yes
Microsoft Exchange EdgeSync service from Hub Transport server to Edge Transport server 50636/TCP (SSL) Basic Basic Yes, using LDAP over SSL (LDAPS) Yes
Active Directory access from Hub Transport server 389/TCP/UDP (LDAP), 3268/TCP (LDAP GC), 88/TCP/UDP (Kerberos), 53/TCP/UDP (DNS), 135/TCP (RPC netlogon) Kerberos Kerberos Yes, using Kerberos encryption Yes
Active Directory Rights Management Services (AD RMS) access from Hub Transport server 443/TCP (HTTPS) NTLM/Kerberos NTLM/Kerberos Yes, using SSL Yes*
SMTP clients to Hub Transport server (for example, end-users using Windows Live Mail) 587 (SMTP)25/TCP (SMTP) NTLM/Kerberos NTLM/Kerberos Yes, using TLS Yes

Kaynak

Etiketler:

Yayınlayan: Serkan Varoğlu

Yıldız Teknik Üniversitesi Elektrik Mühendisliğini bitirdim. Türkiye'de birçok farklı sektör ve firmada Sistem Yöneticiği yaptım. Bermudada 3 yıla yakın danışmanlık yaptıktan sonra şu anda İrlanda'da çalışma hayatıma devam ediyorum.