Zachary Loeber

I eat complexity and am never without a meal.

Exchange 2010: Automated Firewall Rule Generation 1.4

I made some updates to the automated firewall rule generation script, including updates to the firewall rule spreadsheet that give information on setting static ports and port ranges for RPC-based services. This CSV file may be a good general reference even without the script.

Change Log

1.4 – Fixed some logic around Client-Network processing to generate just rules to the same site for hub-transport/Client-Access roles and to bypass $SkipSameSite settings.

– Updated the FirewallRules.csv to be more detailed for setting static ports for cross-site DAGs (this is actually a really convenient reference in its own right)

– Added a region column to the Exchange environment CSV file for processing

1.3 – Added logic for client-network rules to only process them if they are in the same site as the Role. In our input Exchange environment CSV file, if you want 2 sites to generate rules that allow them to reach two other sites instead of just their own, you will need to put the network in twice, once for each site, like so:

Client-Network,10.203.2.0/24,End User Network – Site1,Site1

Client-Network,10.203.2.0/24,End User Network – Site1,Site2
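The same-site matching described in the 1.3 and 1.4 notes can be sketched as follows; this is an added example, not code from the script itself. The header names (Role, Address, Description, Site), the server rows, and the Site3 row are assumptions constructed for illustration, and ports are left out because they come from FirewallRules.csv.

```powershell
# Constructed sample input. The header names are hypothetical; the page shows
# only the four-field row layout (role, network, description, site).
$environmentCsv = @'
Role,Address,Description,Site
Client-Access,10.201.1.10,CAS01 (constructed),Site1
Hub-Transport,10.201.1.20,HUB01 (constructed),Site1
Client-Access,10.202.1.10,CAS02 (constructed),Site2
Client-Network,10.203.2.0/24,End User Network - Site1,Site1
Client-Network,10.203.2.0/24,End User Network - Site1,Site2
Client-Network,10.204.5.0/24,Branch Network (constructed),Site3
'@

$rows           = @($environmentCsv | ConvertFrom-Csv)
$serverRoles    = 'Client-Access', 'Hub-Transport'
$servers        = @($rows | Where-Object { $serverRoles -contains $_.Role })
$clientNetworks = @($rows | Where-Object { $_.Role -eq 'Client-Network' })

# Pair each client network only with servers in the site named on its own row.
# Listing 10.203.2.0/24 twice (Site1 and Site2) is what lets it reach both sites.
$pairs = foreach ($net in $clientNetworks) {
    $sameSite = @($servers | Where-Object { $_.Site -eq $net.Site })
    if ($sameSite.Count -eq 0) {
        # A mistyped or unpopulated site name would otherwise yield no rules silently.
        Write-Warning "No servers in site '$($net.Site)' for $($net.Address)"
        continue
    }
    foreach ($srv in $sameSite) {
        New-Object PSObject -Property @{
            Site        = $net.Site
            Source      = $net.Address
            Destination = $srv.Address
            Role        = $srv.Role
        }
    }
}

$pairs | Select-Object Site, Source, Destination, Role | Format-Table -AutoSize
```

Reviewing the resulting pairs before handing rules to the firewall team shows exactly which sites each client network is allowed to reach, and the warning surfaces networks that ended up with no rules at all.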

Download:

Automated Firewall Rule Generation 1.4