This Wiki page explains how to configure static ports for the RPC Client Access service, Exchange Address Book service, and public folder connections in Exchange 2010.
Often there are firewall restrictions in place between the Outlook client network and the Exchange 2010 messaging infrastructure network, which requires that static RPC ports are set on each Client Access Server in a Client Access array. In addition using static RPC ports usually reduces the memory footprint on the load balancer devices.
For information on how to configure a static UDP port for push notifications in an Exchange 2010 environment, see the Configuring a Static UDP Port for Push Notifications in an Exchange 2010 Environment TechNet Wiki article.
By default Windows Server 2008 and 2008 R2 are configured with a dynamic RPC range of 49152-65535 for outbound connections. Earlier versions of Windows Server by default used port 1025-65535 (for more details about this change see Microsoft KB article: The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008). Also, when the Exchange 2010 Client Access server role is installed on Windows Server 2008 or 2008 R2, the dynamic RPC port range is changed to 6005-59530 and the highest usable port number is set to 60554.
By default the RPC Client Access service on an Exchange 2010 Client Access server uses the TCP End Point Mapper port (TCP/135) and the dynamic RPC port range (6005-59530) for outgoing connections, every time an Outlook clients establish a connection to Exchange.
To set a static port for the RPC Client Access service on an Exchange 2010 Client Access server, you need to open the registry on the respective server and navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSExchangeRPC
Here, you need to create a new key named ParametersSystem, and under this key create a REG_DWORD named TCP/IP Port. The Value for the DWORD should be the port number you want to use. Configuring static ports for the RPC Client Access service
When you’ve configured the port, it's required to restart the Microsoft Exchange RPC Client Access service in order for the changes to be applied.
By default the Exchange Address Book service on an Exchange 2010 Client Access server uses the TCP End Point Mapper (TCP/135) and the dynamic RPC port range (6005-59530) for outgoing connections, every time an Outlook client establish a connection to Exchange.
Exchange 2010 RTM
In Exchange 2010 RTM a static port for the Exchange Address Book service is set using the following steps:
Configuring static port for the Exchange Address Book Service in Exchange 2010 RTM
When you’ve configured the port, it's required to restart the Microsoft Exchange Address Book service in order for the changes to be applied.
Exchange 2010 SP1 With Exchange 2010 SP1, you no longer use the “Microsoft.exchange.addressbook.service.exe.config” file to assign a static RPC port to the Exchange Address Book Service. Instead this configuration setting is controlled using the registry. To set a static RPC port for the Exchange Address Book Service, create a new REG_SZ registry key named “RpcTcpPort” under:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSExchangeAB\Parameters
Configuring static port for the Exchange Address Book Service in Exchange 2010 SP1
By default public folder connections uses the TCP End Point Mapper (TCP/135) and the dynamic RPC port range (49152-65535) for outgoing connections, every time an Outlook client establish a connection to Exchange.
To set a static port for public folder connections, follow the same steps as those required for configuring static ports for the RPC CA service. Just bear in mind you need to perform them on the Exchange 2010 servers that stores public folder databases. This is because public folder connections from an Outlook client occur against the RPC Client Access service on the Mailbox server role.
Configuring a static port for Public Folder connections
When the port has been set for public folder connections, it's required to restart the Microsoft Exchange RPC Client Access service on the Mailbox server in order for the changes to be applied.
In order to verify that the static ports configured are used, the netstat.exe tool can be used:
Netstat -an -p tcp
Verifying the configured static ports are used on the Client Access and Mailbox servers
Script to set static ports is now available here. The script works with Exchange 2010 RTM and SP1, SP2 and SP3. It also includes -auto to automatically search and change ports on all Exchange 2010 CAS servers and Mailbox Servers hosting public folders in the environment. More details here.
Brett Bentley edited Revision 36. Comment: Minor edit. Removed sentence fragment.
Jochen Ruhland edited Revision 35. Comment: Typo in Port, fixed to value shown in picture
Nope that should be fine if you haven't configured another application to specifically use this port.
Henrik Walther edited Revision 58. Comment: Added link to UDP article
Hello Henrik,
I have create a REG key with port 59532 and i restarted the services. Still i cant the the port on NETSTAT ?
Great stuff as always Henrik, thanks. One quick question however:
When setting the static RPC port on dedicated Mailbox servers that host Public Folders shouldn't I use a different port so that I can define the rule uniquely on my load balancer? My understanding is that Outlook will initiate communication with the Mailbox server directly for PFs (CAS does not proxy) therefore we need it to use a unique port and have its own rule in the hardware load balancer.
That sound right? Thanks
GzBz: It's fine to use same port for PF and Mailbox endpoints.
While it's good info to have, it's worth noting that majority of people implementing this change are doing so in order to deploy a hardware load balancer. In this scenario, remember that Outlook connects to Public Folders directly on the mailbox server by the server name so a static mapping of the ports is unnecessary.
Static ports are set typically for the load balancer so it has a known port to listen for when proxying communication replies back to the client, which isn't a factor in direct mailbox-to-outlook communication.
Great article, but I have a question. Don't you mean to say the Dynamic Port range on Windows 2008 or 2008 R2 with the Exchange CAS role installed would be:
Start Port = 6005
Number of Ports = 59530
This would actually make the dyamic port range on Windows 2008 or 2008 R2 = 6005 - 65535, right?
Ed Price - MSFT edited Revision 64. Comment: White space issues. Aborting TOC attempt.
Very helpful article.
if we set static port for RPC CA will it also use this port to communicate to the mailbox server? that is overwrite the statement below? referring to note: "The Client Access servers use many ports to communicate with Mailbox servers. With some exceptions, those ports are determined by the RPC service and aren't fixed."
Nicolo2: This is only for connections from clients to the CAS servers not from CAs to MBX.
DominicL: Nope actually it's changed so that 59530 is the highest dynamic port and the highest usable port number is set to 60554.
Mike Crowley edited Revision 66. Comment: Updated "Exchange 2010 Client Access Array & Load Balancing Resources" link
Brilliant article. thank you very much
Thanks Ronnie