HiWe are running Exchange 2003 and 2007 mailbox servers as part of our migration.Occasionally, some users VPN to the network from home. The Network team has enquired about locking down the ports required for Outlook connectivity to Exchange and I had some questions I was hoping people could help me with.Let's say my Exchange 2003 mbx server is Exch1.domain.com and Exchange 2007 mbx server is exch2.domain.com. The DC in the AD site of the Exchange servers is gc1.domain.comA home user launches their VPN connection and launches Outlook. All Outlook clients are 2007 SP2 and configured to use Cached mode.From what I understand, there is now a MAPI/RPC connection between Outlook and his mailbox server. Additionally, Outlook carries out GC referrals using GC1.domain.com. Please correct me if I am wrong.i) Is the MAPI/RPC connection used for when Outlook sends a mail to Exchange, or also when Outlook 'pulls' mail from Exchange (or is that Exchange 'pushes' mail to Outlook)ii) I understand that Exchange will use a random port for MAPI, selected when it boots up? Will it use this port for *all* MAPI connections, or there a range of MAPI ports used for difference clients?iii) Is it possible to restrict the range/specify a MAPI port for Exchange to use? Is this recommended?iv) If we carry out the above, how does this affect MAPI applications such as BES?v) Does any of this behaviour change depending if we are using Exchange 2003 or 2007 MBX servers?vi) Is the MAPI/RPC port used for submitted/recving emails only, or also other functionality like Calendar etc?

Hi Joe,I think all your question(i~vi) is based on which ports should be open. Since you deploy the VPN for users to connect to Exchange server,I think there is no any additional port to open on Firewall.The VPN establishes the connection and extends the internal network through the firewall.Same post share with you. http://www.eggheadcafe.com/software/aspnet/32090876/fiirewall-ports-required.aspxBy the way, Outlook Anywhere is much superior to VPN for this purpose.More information share with you:Understanding the Ports That Are Used by Exchange 2007 in a Mixed Environmenthttp://technet.microsoft.com/en-us/library/dd789693.aspxFrank Wang

Thanks.... Just for my own knowledge, do you know the answers to my questions though?

Hi Joe,I suggest you to download the Poster: Exchange Server 2007 Component Architectureinhttp://msexchangeteam.com/archive/2007/11/07/447473.aspxI will be helpful for understanding the Exchange 2007.Frank Wang