HomerSibayan-0286 asked HomerSibayan-0286 commented

Error : Cannot Connect to the remote procedure call service on the server named EXCH2013. Verify that a valid computer name was used and the Microsoft Exchange Service host service is started.

Hi Experts

Does anybody here have an idea about the error in the title above? We have installed 3 Exchange Server 2013 CU23 servers in the environment. When we tried accessing the virtual directories of the other Exchange servers and making some changes, the error always appears: Cannot connect to the remote procedure call service on the server named EXCH2013. Verify that a valid computer name was used and the Microsoft Exchange Service host service is started.

For Isolation :

We have checked the firewall side and changed it from restricted to any-to-any, and the error disappeared, but this is not the standard on the network firewall, and we need to specify the specific ports that are needed for this.

Defined firewall port for exchange 2013 :

TCP port 25 – SMTP
TCP port 80 – HTTP for Outlook Web Access
TCP port 443 – SSL secured HTTP for Outlook Web Access (HTTPS)
TCP/UDP port 53 – Domain Name System (DNS)
TCP 587

For the list of ports below, we are not yet sure whether any of them are the suspects, meaning the required and needed ones. I have checked this article. Please help, or if you have any idea, tell us which of the ports below would need to be added.

https://social.technet.microsoft.com/Forums/ie/en-US/29a58110-747f-4eed-96ca-e5ae7a1ce129/exchange-2013-firewall-ports?forum=exchangesvrgeneral

https://docs.microsoft.com/en-us/exchange/network-ports-for-clients-and-mail-flow-in-exchange-2013-exchange-2013-help?redirectedfrom=MSDN

For Request :

TCP/UDP port 389 – Lightweight Directory Access Protocol (LDAP)
TCP port 3268 – LDAP communications with an Active Directory Global Catalog Server
TCP port 135 – Remote Procedure Protocol (RPC) however it will also use ports 1024 and up as needed.
TCP/UDP port 88 – Kerberos

LSA TCP: 691 The Microsoft Exchange Routing Engine service (RESvc) listens for routing link state information on this port.
LDAP TCP/UDP: 379 The Site Replication Service (SRS) uses this port.- for DAG


Thanks

KaelYao-MSFT answered

Hi @HomerSibayan-0286

As mentioned in this link: Network ports for clients and mail flow in Exchange 2013,
I am afraid it is not supported to restrict or alter network traffic between internal Exchange servers and between internal Exchange servers and internal Active Directory domain controllers in any and all types of topologies.


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


HomerSibayan-0286 answered HomerSibayan-0286 commented

Hi KaelYao-MSFT,

When you say we cannot alter or restrict "network traffic between internal Exchange servers and between internal Exchange servers and internal Active Directory domain controllers in any and all types of topologies", does that mean we cannot set or define specific ports to allow communication between all Exchange Server 2013 servers, internal to internal, and between Exchange 2013 and other Exchange servers in other sites?

So our option is to unrestrict/allow any-to-any on our firewall in order to have communication between the Exchange servers?
To give you a quick background: we have an existing Exchange 2010 in a child domain and we have now provisioned a new Exchange 2013 in the same child domain on a different machine. Our problem, to be specific, is that when accessing EAC on Exchange 2013 server 1, we cannot access/make changes in the virtual directories of Exchange 2013 servers 2 & 3.

Error : That task wasn't able to connect to IIS on the server 'EXCH2013.child.domain.com'. Make sure that the server exists and can be reached from this computer. The RPC server is unavailable.

We recently added the ports below but it did not work, so we decided to define any-to-any in the firewall again as a temporary measure, and it works.

135 TCP +Random high
RPC Endpoint MAPPER Port 135 is the RPC Endpoint Mapper service

389 (TCP,UDP)
3268 TCP
88 (TCP, UDP)


Hi,

Meaning we cannot set or define specific ports to allow communication between all Exchange Server 2013 servers, internal to internal, and between Exchange 2013 and other Exchange servers in other sites?
So our option is to unrestrict/allow any-to-any on our firewall in order to have communication between the Exchange servers?

Yes. As mentioned in my former reply, it is officially documented that it is not supported to restrict or alter network traffic between Exchange servers.
Thus there aren't other official documentations that introduce which ports you need to open between Exchange servers.

0 Votes 0 ·

KaelYao-MSFT

Thank you for the information and the references. We have allowed/opened the high TCP port range between 1024 - 65535 and it works fine now.

https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/service-overview-and-network-port-requirements

0 Votes 0 ·
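
Added example, not part of the thread: a PowerShell check that tries a TCP connection on each port discussed above and reports whether it opened, was refused, or got no response, which shows what the firewall passes before and after a rule change. DC01.child.domain.com and the two high ports are placeholders (assumptions); a NoResponse result can come from the network firewall or from the target's own host firewall.

```powershell
# Added example: run from one Exchange 2013 server.
# DC01.child.domain.com is a placeholder, and $HighPorts holds constructed
# sample values; replace them with ports the peer is actually listening on
# (on the peer: Get-NetTCPConnection -State Listen).
$HighPorts = 49152, 49153
$Checks = @(
    @{ Role  = 'Exchange peer'; Hosts = @('EXCH2013.child.domain.com')
       Ports = @(25, 80, 443, 587, 135) + $HighPorts }
    @{ Role  = 'Domain controller'; Hosts = @('DC01.child.domain.com')
       Ports = @(389, 3268, 88, 135) }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $task = $client.ConnectAsync($ComputerName, $Port)
        # No SYN/ACK and no RST within the timeout: the packet was dropped.
        if (-not $task.Wait($TimeoutMs)) { return 'NoResponse' }
        return 'Open'
    }
    catch {
        # Wait() rethrows the socket error wrapped in outer exceptions.
        $inner = $_.Exception.GetBaseException()
        if ($inner -is [System.Net.Sockets.SocketException]) {
            return [string]$inner.SocketErrorCode   # e.g. ConnectionRefused
        }
        return 'Error'
    }
    finally { $client.Close() }
}

$results = foreach ($check in $Checks) {
    foreach ($h in $check.Hosts) {
        foreach ($p in $check.Ports) {
            [pscustomobject]@{
                Role   = $check.Role
                Target = $h
                Port   = $p
                Result = Test-TcpPort -ComputerName $h -Port $p
            }
        }
    }
}
$results | Format-Table -AutoSize

# Show the dynamic port range this server uses for outbound and RPC endpoints.
netsh int ipv4 show dynamicport tcp
```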