CAS Static ports and what to LB

from https://www.msexchange.org/articles_tutorials/exchange-server-2007/planning-architecture/uncovering-new-rpc-client-access-service-exchange-2010-part2.html

On the CAS servers, for Mailbox connections, you need to use add a DWORD registry key named “TCP/IP Port” under: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeRpc\ParametersSystem

Set the value to the port number to be assigned. In this article we use port 55000, but you are free to choose whatever port you want to use, just remember it should not conflict with other applications using the port. It is recommend you choose a port within the dynamic RPC ranger (59531 and 60554)

To use a static port for public folder access, you need to do the same on the mailbox servers:

First open the registry editor. Then add a DWORD key named “TCP/IP Port” under: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeRPC\ParametersSystem

It’s fine to use the same port that you specified on the CAS server

Finally you need to limit the port usage for clients that connect to the NSPI endpoint for directory access. Unlike MAPI access to mailboxes and public folders this is done by modifying a file more specifically the Microsoft.exchange.addressbook.service.exe.config configuration file located in the Exchange Bin folder

Open the file in Notepad and then change the “RpcTcpPort” value from the default assignment of “0” to the port you want Outlook clients and Exchange to use for the directory access via the NSPI EndPoint. In this article we use port 55001.

When you have done the above changes, you should reboot the Mailbox and Client Access on which you performed the above changes.

from the installation guides:

The values used in NLB must be the same across all nodes in the NLB cluster. The values specified here will ensure that the Windows Network Load Balancing array can load-balance HTTPS (TCP443), IMAP4 (TCP143 and TCP993), POP3 (TCP110 and TCP995), RPC Endpoint Mapper (TCP135), Address Book service (TCP55000), and RPC Client Access (TCP55001).