XCCC: TCP/IP Ports Used by Microsoft Mobile Information Server

Article translations Article translations
Article ID: 294297 - View products that this article applies to.
This article was previously published under Q294297
Expand all | Collapse all

SUMMARY

This article describes the Transmission Control Protocol/Internet Protocol (TCP/IP) ports that are used by Mobile Information Server. This article also describes scenarios where you may need to open these ports on a firewall to allow access for mobile users.

MORE INFORMATION

When you run Mobile Information Server in a perimeter network (also known as DMZ, demilitarized zone, and screened subnet), open the following ports on the router between the perimeter network and the internal network:
  • 80 - Hypertext Transfer Protocol (HTTP)
  • 53 - Domain name system (DNS)
  • 88 - Kerberos (if you are using NTLM)
  • 135 - Remote procedure call (RPC)
  • 137 - NetBIOS Name Service
  • 138 - NetBIOS Datagram Service
  • 139 - NetBIOS Session
  • 389 - Lightweight Directory Access Protocol (LDAP) (TCP/User Datagram Protocol [UDP])
  • 1026 - RPC
  • 3268 - Global Catalog with LDAP
However, if you are using IPSec to secure traffic between Mobile Information Server and the internal network, allow only the following through the firewall for inbound and outbound traffic:
  • IP Protocol 50 - Encapsulating Security Protocol (ESP)
  • IP Protocol 51 - Authentication Header (AH)
  • UDP port 500 - ISAKMP
Additional TCP and UDP ports may be required to allow Kerberos. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
233256 How to Enable IPSec Traffic Through a Firewall
On the external firewall between the perimeter network and the public network, the following ports must be available:
  • For Exchange 2000 notifications:
    • 25 - SMTP (if you are using SMTP carriers)
    • 80 - HTTP (if you are using HTTP carriers with Mobile Information Server Carrier Edition)
    • 50, 51, UDP 500 - IPSec (if you are using an HTTP carrier with the IPSec policy)
  • For Exchange 2000 browse:
    • 80 - HTTP (if you are not using secure HTTP)
    • 443 - HTTPS (if you are using secure HTTP over Secure Sockets Layer [SSL])
  • For Exchange Server 5.5 browse:
    • 80 - HTTP (if you are not using secure HTTP)
    • 443 - HTTPS (if you are using secure HTTP over SSL)
In addition, Exchange Server 5.5 browse requires the following additional ports to be opened on the internal firewall:
  • 1024 and higher - Dynamic RPC
When you set Exchange Server 5.5 RPC ports statically, you can avoid the need for all ports higher than 1024 for dynamic RPC.

Properties

Article ID: 294297 - Last Review: October 28, 2006 - Revision: 1.3
APPLIES TO
  • Microsoft Mobile Information Server 2001 Enterprise Edition
Keywords: 
kbinfo KB294297

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com