How to change the SIP TLS port that Exchange UM uses (5061)


  • I need to change the port that UM is listening on for SIP TLS traffic.  My Lync box is setup to use 5067 for SIP TLS (I had to change it from default because of a conflict with another service).  I read that you can change the port by editing MSExchangeUM.config on an MS article, but there don't seem to be any ports listed in that config.  Of course MS weren't kind enough to include the config entry needed to manually specify the port.  Could someone please tell me what I need to add to MSExchangeUM.config to change the SIP TLS port from 5061 to 5067?

    EDIT: I also found this article - that describes a different method of changing the port, but it only has instructions for TCP.

    • Edited by JasonBurns Thursday, March 29, 2012 2:21 PM more information
    Thursday, March 29, 2012 2:02 PM


All replies

  • If you want to use mutual Transport Layer Security (mutual TLS) between a UM IP gateway and a dial plan you need to do following

    1. Create the  dial plan as SIP secured or Secured

    2. Then configure the UM IP gateway with an FQDN.

    New-UMIPGateway -Name MyUMIPGateway -Address "" -Port 5061

    3. And configure the gateway to listen for mutual TLS requests on port 5061.


    Thursday, March 29, 2012 3:28 PM
  • Hi Jason,

    Did you get a chance to try below cmdlet ?

    set-umserver -id UMSer -SipTlsListeningPort

    Hope this helps.



    If answer is helpful, please hit the green arrow on the left, or mark as answer.

    Thursday, March 29, 2012 3:31 PM
  • My problem is that the gateway cannot listen on port 5061 because that port is already being used.
    Thursday, March 29, 2012 3:33 PM
  • Ok, I tried that and it said that it changed the port, and I restarted the Exchange UM service, however I am still getting this error:

    Event ID: 1400

    The following UM IP gateways did not respond as expected to a SIP OPTIONS request. 
    Transport = TLS, Address = SERVER.DOMAIN.local, Port = 5061, Response Code = 0, Message = This operation has timed out.

    I thought changing that TLS port would fix this error... but I guess not?  Is there something else I need to change?  Should I set the TLS port back since that didn't fix the problem?

    Thursday, March 29, 2012 3:52 PM
  • Ideally it should have been working. However , revert the setting since it is not working.

    I will cross check if it is a hardcoded port or not.




    If answer is helpful, please hit the green arrow on the left, or mark as answer.

    Thursday, March 29, 2012 4:23 PM
  • Ok, it did stop voice mail from working while the port was set to 5067.  I set it back to 5061 and it's still not working at the moment, but it may just take a minute to start up again.
    Thursday, March 29, 2012 6:58 PM
  • Hi,


    You may also need to run the following command besides SipTlsListeningPort.


    Set-UMIPGateway -Name UMIPGatewayName -Port XXX

    For details:




    • Edited by Kent HX Friday, March 30, 2012 6:47 AM Modify
    • Marked as answer by JasonBurns Friday, March 30, 2012 7:56 PM
    Friday, March 30, 2012 6:45 AM
  • Thank you!  That resolved the 1400 error I was getting.  Now if I could just get AA to route calls correctly...
    Friday, March 30, 2012 7:57 PM