Outlook cannot connect through a firewall or a proxy server that is performing Network Address Translation (NAT) between public and private networks

Support for Office 2003 has ended

Microsoft ended support for Office 2003 on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

This article was previously published under Q291615
For a Microsoft Outlook 2000, Outlook 98 and Outlook 97 version of this article, see 238390.
For a Microsoft Outlook Web Access 5.5 version of this article, see 238954.
Microsoft Outlook clients cannot connect through a firewall or proxy server that is performing Network Address Translation (NAT) between public and private networks.
When the IP packets that contain the remote procedure call (RPC) information are edited during translation, the IP packets lose the RPC connectivity information. This causes the client not to connect to the server. Additionally, Outlook can have problems resolving the name of the Microsoft Exchange Server computer behind the firewall or proxy server.
A work around for firewalls or proxy servers that are not based on Microsoft Windows NT is to perform a one-to-one translation between the two networks. This is also called "opening a pipe or tunnel" between the public and private networks. This takes all requests for a specific address on the public network and passes them directly to the private network. For additional information on about how to configure a one-to-one translation, please refer to your manufacturer's documentation

A one-to-one translation or pipe does not work for Windows NT-based firewalls and proxy servers because the Outlook client attempts to bind to the end-point mapper port (EPM), port 135, on the firewall. This server does not return the correct Exchange Server connectivity information to the Outlook client.

Another possible work around is to use Outlook Web Access. This only requires allowing HTTP traffic through the firewall or proxy server.
For additional information, please see the following Requests for Comments (RFCs):
RFC 1631 - The IP Network Address Translator (NAT)
RFC 1918 - Address Allocation for Private Internets
These RFCs can be found at the following Web site:

ol2003 ol2002 OL2007

Article ID: 291615 - Last Review: 01/31/2007 19:09:11 - Revision: 2.1

Microsoft Office Outlook 2007, Microsoft Office Outlook 2003, Microsoft Outlook 2002 Standard Edition

  • kbnetwork kbprb KB291615