In many instances, users may need to access an Exchange system over a router, or through a firewall. In such instances, it is necessary that the router or firewall be able to pass the appropriate type of traffic.
Quite a few people of warned of scenarios on the exam that involve just such configurations. It is therefore imperative to be familiar with the appropriate ports that the various Exchange services utilize. The following table summarizes these ports:
Secure (SSL) Port
RPC End-Point Mapper
One particular port of interest is the RCP port, 135. Also referred to as the "End-Point Mapper" service, this port is responsible for telling us what port various other exchange services, such as the MTA, DS, and IS, are listening on.
This feature is important, because when an Exchange server starts, the MTA, DS, and IS, are each DYNAMICALLY assigned a port by the End-Point Mapper service. So first a connection is made to port 135 with a request for the port of the service that is needed. The End-Point Mapper replies with the correct port and then communication is established with that port.
This can cause an obvious problem if a router or firewall in between the two services has these ports closed. And since the ports are dynamically assigned you can't be sure which port needs to be opened.
Fortunately, these ports can be "pinned down" rather than assigned dynamically. The way to accomplish this is through a registry setting, as follows:
For the DS:
For the IS: