I am not neccessarily asking for help on firewalls, but I am explaining the situation I am in.
I am running a single Server 2003 SBS with Exchange. There are about 20 PCs and 30 users. I am using AVG Network Edition 8.5 with the firewall installed. I have been running this configuration for about 3 years.
Last week I developed a problem with 4 users. FWIW, I had just upgraded memory on some of the PC's (512MB to 1GB) and I removed Spybot and AdAware on all of the PC's. My personal account is having a problem connecting to Exchange with Outlook (the connection times out in 30 sec.) Other users are having problems logging into the domain. All of the client PC's are running XP Pro SP3.
For each user, the FW issues seems to be associated with the login account, meaning that user has the same problem regardless of the PC used.
I am the admin of this system so I have use of the Administrator account and I also have a personal account, which is also an admin account. When I log into my personal account, I cannot connect to Exchange. If I log into the Admin account, I connect to Exchange normally. I have the Admin account pointing to the mailbox of my personal account for testing purposes.
I have reviewed the AVG FW log, and I constructed a rule to overcome the blocked ports. The problem is that I will log into any PC in the domain, and I have found that the ports that are blocked differ on each PC, so creating rules is troublesome.
(Also when the other users are brought into the equation, the number of rules needed to solves the variety of FW issues goes up quickly.)
Here is the meat of my inquiry:
I am not sure I am asking the right question, but it appears the Outlook is opening up different ports when connecting to Exchange based on the login account even on the same computer. I cannot see what changed in the past week to require configuration changes to the firewall.
I want to reinforce that I know how to fix the Exchange connection by creating FW rules, but I do not know what changed to require the new FW rules. I guess I am looking for the "Root Cause" of the problem.
Any hints on how to proceed are greatly appreciated.
Using an RPC/MAPI connection Outlook will pick random ports to connect to the Exchange server. As far as I remember it is not possible to define set ports. One workaround would be to use RPC-over-HTTP/Outlook Anywhere for internal clients but there would be a performance hit.