locked
determining exact port number to open / allow between Forefront Threat Management gateway TMG 2010 / ISA and Exchange Server 2007 ? RRS feed

  • Question

  • I execute the Port Query application (portqry) in the DMZ but then not sure and confused in reading the result ?Hi All,

    I've just deployed Forefront TMG2010 in my secure environment (DMZ) and wondering what port that I should open between TMG 2010 and Exchange Server 2007 (which role is it HT-CAS only or mailbox server role too?) as minimum ?

    here's the result from Portqry.exe for Exchange Server port set, what does "portqry.exe -n 192.168.1.115 -e 389,379,390,3268 -p TCP exits with return code 0x00000002." means ?

    while some other port returns "portqry.exe -n 192.168.1.115 -e 80 -p TCP exits with return code 0x00000000." ?

     

    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 389,379,390,3268 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 389 (ldap service): FILTERED
    
    TCP port 379 (unknown service): FILTERED
    
    TCP port 390 (unknown service): FILTERED
    
    TCP port 3268 (msft-gc service): FILTERED
    portqry.exe -n 192.168.1.115 -e 389,379,390,3268 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 636,3269 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 636 (ldaps service): FILTERED
    
    TCP port 3269 (msft-gc-ssl service): FILTERED
    portqry.exe -n 192.168.1.115 -e 636,3269 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 143 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 143 (imap service): FILTERED
    portqry.exe -n 192.168.1.115 -e 143 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 993 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 993 (imaps service): FILTERED
    portqry.exe -n 192.168.1.115 -e 993 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 110 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 110 (pop3 service): FILTERED
    portqry.exe -n 192.168.1.115 -e 110 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 995 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 995 (pop3s service): FILTERED
    portqry.exe -n 192.168.1.115 -e 995 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 119 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 119 (nntp service): FILTERED
    portqry.exe -n 192.168.1.115 -e 119 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 563 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 563 (nntps service): FILTERED
    portqry.exe -n 192.168.1.115 -e 563 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 80 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 80 (http service): LISTENING
    portqry.exe -n 192.168.1.115 -e 80 -p TCP exits with return code 0x00000000.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 443 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 443 (https service): FILTERED
    portqry.exe -n 192.168.1.115 -e 443 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 25 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 25 (smtp service): FILTERED
    portqry.exe -n 192.168.1.115 -e 25 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 465 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 465 (unknown service): FILTERED
    portqry.exe -n 192.168.1.115 -e 465 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 691 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 691 (msexch-routing service): FILTERED
    portqry.exe -n 192.168.1.115 -e 691 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 80 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 80 (http service): LISTENING
    portqry.exe -n 192.168.1.115 -e 80 -p TCP exits with return code 0x00000000.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 6667 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 6667 (unknown service): FILTERED
    portqry.exe -n 192.168.1.115 -e 6667 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 994 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 994 (ircs service): FILTERED
    portqry.exe -n 192.168.1.115 -e 994 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 135 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 135 (epmap service): FILTERED
    portqry.exe -n 192.168.1.115 -e 135 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 1503 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 1503 (unknown service): FILTERED
    portqry.exe -n 192.168.1.115 -e 1503 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 522 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 522 (ulp service): FILTERED
    portqry.exe -n 192.168.1.115 -e 522 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 1720 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 1720 (unknown service): FILTERED
    portqry.exe -n 192.168.1.115 -e 1720 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 1731 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 1731 (msiccp service): FILTERED
    portqry.exe -n 192.168.1.115 -e 1731 -p TCP exits with return code 0x00000002.
    =============================================
    
     Starting portqry.exe -n 192.168.1.115 -e 53 -p TCP ...
    
    
    Querying target system called:
    
     192.168.1.115
    
    Attempting to resolve IP address to a name...
    
    
    IP address resolved to ExMbxCluster01.domain.com
    
    querying...
    
    TCP port 53 (domain service): FILTERED
    portqry.exe -n 192.168.1.115 -e 53 -p TCP exits with return code 0x00000002.


    can anyone assist me please ?

    Thanks.


    /* Server Support Specialist */
    Tuesday, June 14, 2011 5:40 AM

Answers

All replies