static ports to CAS

Dynamic Port

When Exchange service starts up, it registers itself with the RPC service. A TCP port is dynamically allocated to it. When a client wants to make a connection to the Exchange,RPC connections made from Outlook to the Exchange server will first contact the RPC endpoint mapper (Port TCP 135) to request information on the port mappings of the various endpoints required.. The Outlook client then tries to make connections to the Exchange server directly by using these endpoint ports.

TCP ports used for outlook client connections

Mailbox (MAPI)--TCP--Dynamic Port
Mailbox (MAPI)--HTTP--Port 6001--not configurable
Address Book (NSPI)--TCP--Dynamic Port
Address Book (NSPI)--HTTP --6004--not configurable
Referral Service (RFR)--TCP--Dynamic Port
Referral Service (RFR)--HTTP--6002--Not configurable

Default dynamic port range for Windows 2008 R2:

netsh interface ipv4>show dynamicport tcp

Protocol tcp Dynamic Port Range
---------------------------------
Start Port : 49152
Number of Ports : 16384

After installation of Exchange 2010, the dynamic port range is:

netsh interface ipv4>show dynamicport tcp

Protocol tcp Dynamic Port Range
---------------------------------
Start Port : 6005
Number of Ports : 59530

Overtime, the Exchange uses different listening port number. It is a challenge for configuring the firewall settings.

Assigning static port to the CAS

create a dword(32) value and assign a number, e.g. 60001

HKLM\System\CurrentControlSet\Services\MSExchangeRPC\ParametersSystem\TCP/IP Port

Restart Exchange RPC Client Access Service

Assigning static port to the Address Book Service

Restart Exchange Address Book service

When Outlook (MAPI) clients start, you could find the static port numbers used by running netstat -na -p tcp at CAS.

TCP 191.121.3.3:60001 191.121.6.1:32431 ESTABLISHED
TCP 191.121.3.3:60001 191.121.6.1:32433 ESTABLISHED
TCP 191.121.3.3:60001 191.121.6.2:26937 ESTABLISHED
TCP 191.121.3.3:60001 191.121.6.2:26950 ESTABLISHED
TCP 191.121.3.3:60002 191.121.6.1:32458 ESTABLISHED
TCP 191.121.3.3:60002 191.121.6.2:26997 ESTABLISHED

If you have a public folder database, you should modify the port number on mailbox database server role system.