• Home
  • Consulting
  • Contact Us
    • About this site
    • Contact Wayne
    • Media Room
    • Wayne’s Bio

SBSFAQ.COM

Supporting IT Pro's & MSP's since 2000

  • Blog
  • FAQs
  • Reviews
  • Downloads

What inbound ports do I need to open on my firewall for SBS 2008 ?

September 5, 2009 by Wayne Small 3 Comments

Small Business Server 2008 (SBS 2008) requires a number of ports open on your firewall to allow inbound traffic from the Internet in to your network. SBS 2008 needs a lower number of ports open than SBS 2003 did. You will only need to open the ports below to enable all SBS 2008 functionality if you are using all facilities. If you do not need a specific function open then there is no need to allow that port to be open inbound to the server.

Port 25 This is required for inbound mail using the SMTP protocol – this will be needed on MOST SBS 2008 servers. If you are using an external third party mail filtering service such as Trend Micro Internet Messaging Security then you will want to restrict this port to be open ONLY to their servers. Closing this port to all traffic will prevent ANY inbound mail to your SBS 2008 server.

Port 80 This port is used to redirect requests to the Remote Web Workplace for http://remote.mycompany.com through to the secured site on port 443. You do not need to have this port open for SBS 2008 to work, but if you close it then you must get your users to use https://remote.mycompany.com to get to their Remote Web Workplace. Closing this port will result in errors when users try to access Remote Web Workplace via http://remote.mycompany.com

Port 443 This is the secured sockets layer (SSL) access to the Remote Web Workplace. All traffic over this port is encrypted for security. This port needs to be open in order for Remote Web Workplace to work. Closing this port will result in the Remote Web Workplace not being accessible outside of the office from the Internet.

Port 987 This is another secured sockets layer (SSL) port that is used to allow access to the Companyweb from the Internet. It uses the same digital certificate as that on port 443. Closing this port will result in the Companyweb not being accessible outside of the office from the Internet.

Port 1723 This port is used for the PPTP VPN in SBS 2008. It only needs to be enabled if you have already configured the SBS 2008 server to be used as a VPN server. You can do this via the SBS 2008 console on the Network Tab using the Enable VPN wizard. Closing this port will result in the VPN not being accessible from the Internet.

SBS 2008 does NOT require the following ports to be opened BY DEFAULT.

Port 21 This port is used for FTP access from the Internet to the SBS 2008 server. The SBS 2008 server is NOT configured as an FTP server by default. It is NOT recommended that you configure your SBS 2008 server as an FTP server as by default any password used to access it will go over the Internet in clear or plain text. This means that someone else can easily read your password and potentially compromise your network security.

Port 3389 This port is used for DIRECT access to the SBS 2008 servers console via the RDP protocol of the Remote Desktop Connection software. Allowing this port to be open to the Internet WILL increase the potential of your server being compromised via a password brute force attack. If you MUST have this port open to the Internet, it is recommended that you implement a two factor authentication solution called AuthAnvil from Scorpion Software

Share this:

  • Click to share on Facebook (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to print (Opens in new window)

Filed Under: FAQs Tagged With: Configuration, Firewall, SBS 2008

About The Author

Wayne has been working with Microsoft Server products in the SMB market for over 20 years. He has a passion for technology and been a Microsoft MVP for over 15 years. Read More…

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Connect Online With Us

  • Facebook
  • Twitter

Reviews

Splashtop – Cost Effective Remote Control Software

September 22, 2017 By Wayne Small 2 Comments

Western Digital DL4100 NAS

March 3, 2015 By Wayne Small Leave a Comment

SBS 2011 Configuring Certification Guide (70-169)

August 7, 2012 By Wayne Small 4 Comments

Site News

Exchange Bug Stops Mail Delivery in 2022

January 2, 2022

Huge bug found in Intel CPU that could permit hackers to steal your data

January 4, 2018

Recent Posts

  • MS Exchange Zero Day and RemotePowerShell Disabling on Admin accounts
  • Setup changes for Exchange 2016 and Exchange 2019
  • Bluetooth Mouse and Keyboard Randomly Stop Responding
  • Exchange Bug Stops Mail Delivery in 2022
  • How to open and search extremely large text log files

Tags

Antivirus Backup Business Focus Cloud Computing Community Conferences Disaster Recovery Exchange 2010 Exchange Server Future Products Hyper-V Installation Microsoft Migration Patches Personal Rants SBS 4.5 SBS 2000 SBS 2000 SP1 SBS 2003 SBS 2003 Premium SBS 2003 R2 SBS 2003 R2 Premium SBS 2003 R2 Standard SBS 2003 SP1 Premium SBS 2003 SP1 Standard SBS 2003 Standard SBS 2008 SBS 2008 R2 SBS 2011 SBS 2011 Essentials SBS 2011 Standard Security Service Packs ShadowProtect SMB Community Software Software I use StorageCraft Training TrendMicro Troubleshooting Virtualisation Windows Server 2012 Essentials

Terms of Use

Privacy Policy

Copyright © 2023 · Magazine Pro Theme on Genesis Framework · WordPress · Log in