We have an unusual situation at one of my clients this morning. When I got in, the Jr. Admin informed me that she had to open port 1151 on our Firewall for an Exchange client whom connects in via VPN to work. She informed me that she had ran a sniffer on the workstation, and it was sending requests in to our Mail Server on port 1151. So she opened the port. Since 1151 is an ephemeral port, I was under the impression that this would probably not be a necessary port for Exchange clients to use to effect the connection. I am relatively certain that this client has worked before without having this port open. Can someone speak intelligently about whether this port needs to be open. Like I said, this client is not on our network, but on a public ISP. He uses the Cisco VPN client to connect in to the Firewall and form an IPSEC tunnel. From there he works just like someone connected to the network. Thanks for any input! KMNRUser KMNR Owner

Are you using Outlook Anywhere/RPC over HTTPS? If Outlook starts before the VPN comes up then it will attempt to connect over MAPI on the Internet. If the name of the server resolves to your external IP address as well as an internal, then you could see the traffic hitting the firewall. The only reason I can think of that would stop it from working even after the VPN has started up is DNS resolution cache on the workstation means that Outlook is still trying to connect to the public IP address rather than the private. Outlook uses random ports above 1024, so the next day the port could be different. Close the port, it isn't required. Tell the end user not to start Outlook until the VPN is established, or use Outlook Anywhere/RPC over HTTPS (Outlook 2003 or higher, Exchange 2003 or higher) which does away with the need for a VPN to access Exchange. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources

thanks for your answer Simon. We went back out to the problematic client site. Sure enough the junior admin was correct. for whatever reason, it seems that the client is trying to connect in on 1151. I am not sure why this behavior is occuring. We shut port 1151 down on the ASA, but now the Outlook client will not connect. The client has other needs once connected thru the VPN tunnel, so disconnecting the tunnel in favor of using Outlook Anywhere/RPC over HTTPS is not an option. I will have to figure out why this is trying to connect on port 1151. KMNR Owner

Hi, You can use Network Monitor to capture the communication between the Exchange Server and the problematic user, find which process is using the port 1151. Thanks AllenAllen Song