In today’s secure corporate WAN networks one common issue I see on a regular basis is Exchange connected Outlook clients not working because of corporate firewall changes or misconfiguration.

 

Properly the quickest way to check if a firewall is blocking or filtering rcp traffic between you outlook client and an exchange server is to use the PortQry.exe tool. This Windows Server Support tool sends packets to specified ports and looks to see if that port has been blocked (filtered).

 

To begin install the Server Support tools from your Windows Server CD for your version of Windows Server once installed, or download the new version PortQry version 2 from the following location.

PortQry Version 2 Download

 

If you are a GUI type person you can also download the PortQueryUI tool from the below location

PortQueryUI PortQry GUI Download location

 

Using the PortQry or PortQueryUI tool returns the below values depending on the state or filtered state of the destination servers port

 

Listening                             Some Process is running on the port you have queried

Not Listening                     No process is running on the port you have queried      

Filtered                                                The port queried has been blocked (filtered)

 

To use PortQry to check for filtered rpc ports we first need to understand how rpc works, firstly an initial connection is made over port 135 after which a random port between 1024 and 65535 is negotiated for the main communication.

 

If you were issuing checking a standard ports status you would run the following command from the command prompt:

 

portqry -n ServerName -e 135

 

 

Figure 1 "Output from PortQry Tool"

 

It is most likely that port 135 will be listening and not filtered, but one of the endpoints  between 1024 and 65535 are blocked, so now you need to check the output above taking note of each of the endpoint ports, after this you can use portqry again using the -o switch to specify each of the individual endpoint ports.

 

portqry -n ServerName -o 1117,1118,6001 

 

Once you have ran the above command the status of each of ports will be listed, either Listening, Not listening or Filtered. If any of the ports are listed as Filtered then it fairly much rules out a Windows and/or Exchange service issue, and is something you can take to your Network/WAN specialists to fix for you.

Related Articles WindowsIS.com    What is the Vista Network Location Feature? ExchangeIS.com    Using ADModify - A real world example    Using ADSIEdit - A Real World Example Why not Become a member of Exchange Information Store and participate in our forums