SBS Ports

Just because a port is open in RRAS or ISA (circa SBS 2003) doesn’t mean that it isn’t being blocked elsewhere, like at the ISP or because port forwarding isn’t setup properly in your firewall. Sometimes you need an outside view of the external ports on your internet connection.

DISCLAIMER – Only open the ports you absolutely MUST have. Example, if you’re not running the POP3 connector or FTP, don’t open those ports! If you’re not sure about a port, check the Port/IP Lookup on Sans.org or ask someone who knows!

To check all of the commonly used SBS ports at once:

  1. Go to www.grc.com/default.htm
  2. Scroll down & click ShieldsUP!
  3. Click Proceed
  4. In the center box on that page, paste this string:
    21, 25, 80, 110, 123, 143, 220, 443, 444, 500, 987, 1701, 1723, 3389, 4125, 4500
  5. Click User Specified Custom Port Probe

image

This scan will come back with a list of ports you entered and show the status.

Sample scan of commonly used ports in an SBS environment. 

Below is a handy chart that I stole from Susan and Windows IT Pro and updated a couple of times over the years.

Common Ports for Small Business Server (SBS)

TCP Port

Service

Description

21

FTP

Enables external and internal file transfer

25**

SMTP – Exchange

Enables incoming and outgoing Simple Mail Transfer Protocol (SMTP) mail for your Exchange Server

80

HTTP – IIS

Enables all nonsecure browser access, including: internal access to IIS Webs including the company Web, Windows SharePoint Web, Windows SharePoint administration Web, and server monitoring and usage reports Enables internal access to Exchange by OWA and OMA clients (SBS 2003)

110

POP3

Enables Exchange to accept incoming Post Office Protocol (POP3) mail

123
(UDP port)

NTP

Enables the system to synchronize time with an external Network Time Protocol (NTP) server

143

IMAP4

Enables Exchange to accept incoming Internet Message Access Protocol v4 IMAP4-compliant messages

220

IMAP3

Enables Exchange to accept incoming Interactive Mail Access Protocol v3 IMAP3-compliant messages

443**

HTTPS – OWA, OMA, Outlook Anywhere, & RWW
(SBS 2008)

Enables all secure browser access, including external access to Exchange for Outlook 2003/2007, OMA and OWA; required for external access to server monitoring, usage reports and RWW (SBS 2008). OMA has been deprecated from SBS 2008. See SBS 2008 RWW video here.

444

WSS (SBS 2003)

Enables internal and external access to Windows SharePoint Services (WSS) Companyweb (SBS 2003)

500

IPSec

Enables external VPN connections by using IPSec

987**

WSS (SBS 2008)

This Secure Hypertext Transfer Protocol (HTTPS) port makes Windows SharePoint Services (WSS) Companyweb site viewable through Remote Web Workplace (SBS 2008). See SBS 2008 RWW video here.

1701

L2TP clients

Enables external L2TP VPN connections

1723

VPN – PPTP clients

Enables external PPTP VPN connections

3389***

RDP – Terminal Services

Enables internal and external Terminal Services client connections (see Note below)

4125 (Note: you can change this port in RRAS)

Remote Web Workplace
(SBS 2003)

Enables external OWA access to Exchange, plus internal and external HTTPS access to the client Web site (SBS 2003)

4500

IPSec

Internet Key Exchange (IKE) Network Address Translation (NAT) traversal

 

**Note: The ports listed above in bold are required by SBS 2008, per Microsoft TechNet article “Managing Windows Small Business Server 2008 Remote Web Workplace”, including port 3389, but see article below.

***Question: Should I open port 3389 for remote administration or remote desktop connections?
Answer from Microsoft: “You no longer need to open port 3389. Windows Small Business Server 2008 uses Terminal Services Gateway to redirect traffic from port 443 to a selected desktop or server for RDP connections. You would need to use RWW or configure the Terminal Services client to use TS Gateway.”
Source: http://technet.microsoft.com/en-us/sbs/cc817589.aspx

There’s also a post on the Official SBS Blog that talks about an IPSec issue back in 2008 that affected ports 1645-1646, 1701, 1812-1813, 2883 & 4500.

I’ll try to keep this form updated as time goes on and will keep a permanent copy at http://www.nogeekleftbehind.com/sbs-ports/.

VN:F [1.9.20_1166]
Rating: 0.0/10 (0 votes cast)

Download – Remote Server Admin Tools for Windows 7

Windows 7 logoRemote Server Administration Tools for Windows 7 enables IT administrators to manage roles & features that are installed on computers that are running Windows Server 2008, 2008  R2, or 2003, from a remote computer that is running Windows 7.

Title: Remote Server Administration Tools for Windows 7
Date Published: 08/11/2009
Download size:
– x64 version 222.1 MB
– x84 version 215.1 MB
File type: MSU
System Requirements: Windows 7 (Professional, Ultimate or Enterprise),
Windows Server 2003, 2008 or 2008 R2 
Download URL: Click here

Overview:

Remote Server Administration Tools for Windows 7 enables IT administrators to manage roles and features that are installed on remote computers that are running Windows Server 2008 R2 (and, for some roles and features, Windows Server 2008 or Windows Server 2003) from a remote computer that is running Windows 7. It includes support for remote management of computers that are running either the Server Core or full installation options of Windows Server 2008 R2, and for some roles and features, Windows Server 2008. Some roles and features on Windows Server 2003 can be managed remotely by using Remote Server Administration Tools for Windows 7, although the Server Core installation option is not available with the Windows Server 2003 operating system.

This feature is comparable in functionality to the Windows Server 2003 Administrative Tools Pack and Remote Server Administration Tools for Windows Vista with Service Pack 1 (SP1).

Source: Scott Hanselman (@shanselman on Twitter)

VN:F [1.9.20_1166]
Rating: 10.0/10 (1 vote cast)

Louisville Geek Dinner v0.7 Tonight

imageTonight the 7th Louisville Geek Dinner will be held at the Bluegrass Brewing Company. The list of attendees is pretty enormous, with 85 registered as attendees, and 15 maybes (and that’s as of this morning). Should be quite a turnout!

  • WHAT: A social networking event for those who love technology
  • WHEN: Monday, August 24, 2009 @ 6:00pm EST
  • VENUE: Bluegrass Brewing Company – Google MapBBC Website
  • ADDRESS: 3929 Shelbyville Rd, Louisville, KY 40207
  • COST: FREE + whatever you choose to spend on food / bevy.
  • HOST: Ben Thomas
  • ATTENDEES: Mac, PC, Linux, Unix, SBS and all other manner of geeks
  • REGISTER: http://www.louisvillegeekdinner.com
  • Twitter: @geekdinner
  • VN:F [1.9.20_1166]
    Rating: 0.0/10 (0 votes cast)

    KYSBSUG Meeting August 19, 2009 – Office 2010 First Look

    This is a friendly reminder about the August KYSBSUG Meeting tonight:

    KYSBSUG logoGroup: Kentucky Small Business Server User Group (KYSBSUG)
    Meeting #: 66
    Meeting Date: Wednesday August 19, 2009
    Time: 6:30 PM Eastern
    Location: Money Concepts
    Address: 323 Townpark Circle, Suite 100, Louisville, KY 40243
    Map: Click here for map on Bing.com

    Presenter: Tim Barrett
    Topic: Office 2010 – First Look

    Description: Tonight we’ll take you on a tour of the new features of the 2010 applications and point you to resources to learn more about the next wave of Microsoft Office.

    Registration URL: Registration is not required for this event.

    VN:F [1.9.20_1166]
    Rating: 0.0/10 (0 votes cast)

    Show Notes – July 2009 KYSBSUG Meeting

    Here are the links from the July 2009 Kentucky Small Business Server User Group (KYSBSUG) meeting:

    TOPIC: “Multimedia Smackdown – Ripping DVDs and Other Cool Stuff” 

    TV Tuners / Streaming

    DVD to WMV / AVI / DivX / XviD

    MP3 Devices / Editing

    Other Links (thx David Hunter)

    Thanks to all those who attended and contributed links. If you have a favorite Video / MP3 / DVD editing tool, please feel free to post a link in the comments.

    VN:F [1.9.20_1166]
    Rating: 0.0/10 (0 votes cast)