<

Go Premium for a chance to win a PS4. Enter to Win

x

Migrate Remote IP Addresses to a New Relay Connector

Published on
3,662 Points
462 Views
2 Endorsements
Last Modified:
"Migrate" an SMTP relay receive connector to a new server using info from an old server.
In many Exchange transition projects, there is a need to migrate some receive connector settings used in an existing SMTP relay connector to the new servers being stood up in preparation for decommissioning legacy servers.
 
Also, in most cases, there are several remote IP addresses assigned to existing relay connectors that need to be assigned to the new receive connector. Imagine trying to manually copy and add each address … Not fun!
 
In this example, I will “migrate” the remote IP addresses of an existing receive connector (configured for relay) on Exchange 2013 server to a new “relay” connector on Exchange 2016. The server name EX1 represents Exchange 2013 and EX2 represents Exchange 2016.
 
GATHER BASIC CONNECTOR INFO
First, using the Exchange Management Shell (EMS) from the Exchange 2013 server, I will gather some general information regarding all of the existing receive connectors in the organization.
 
Get-ReceiveConnector | ft -auto

Open in new window


 
Running get-receiveconnector displays all of the existing receive connectors for both server. The one I am targeting is “EX1\Relay EX1”; the SMTP relay connector on the Exchange 2013 server.
 
Identity                         Bindings                   Enabled
--------                         --------                   -------
EX1\Default EX1                  {0.0.0.0:2525, [::]:2525}  True
EX1\Client Proxy EX1             {[::]:465, 0.0.0.0:465}    True
EX1\Default Frontend EX1         {[::]:25, 0.0.0.0:25}      True
EX1\Outbound Proxy Frontend EX1  {[::]:717, 0.0.0.0:717}    True
EX1\Client Frontend EX1          {[::]:587, 0.0.0.0:587}    True
EX1\Relay EX1                    {0.0.0.0:25}               True
EX2\Default EX2                  {0.0.0.0:2525, [::]:2525}  True
EX2\Client Proxy EX2             {[::]:465, 0.0.0.0:465}    True
EX2\Default Frontend EX2         {[::]:25, 0.0.0.0:25}      True
EX2\Outbound Proxy Frontend EX2  {[::]:717, 0.0.0.0:717}    True
EX2\Client Frontend EX2          {[::]:587, 0.0.0.0:587}    True

Open in new window


 
I need to get specific remote IP address information regarding the relay connector on EX1, so, I run the following command to provide me with a visual display of the addresses I intend to migrate to a new relay connector on EX2.
 
Get-ReceiveConnector "EX1\Relay EX1" | fl RemoteIPRanges

Open in new window


 
The remote IP addresses are displayed, however, the list is truncated…
 
RemoteIPRanges : {172.16.20.5, 172.16.162.50, 172.16.104.5, 10.88.162.9, 10.88.162.58, 
10.88.162.26, 10.88.162.24, 10.88.162.237, 10.88.162.2, 10.88.162.19, 10.88.162.18, 
10.88.162.15, 10.87.104.29, 10.87.104.26, 10.85.99.96, 10.85.99.36...}

Open in new window


 
DISPLAY LIMITATION
The fact that all of the addresses aren’t displayed does me no good. But, I can make a modification to how values are displayed. I now run the following two commands to check, and set, the display limit.
 
I’ll start with this command…
 
$FormatEnumerationLimit

Open in new window


 
The default value is 16. What that means is that any command will display a limit of 16 values. So, if I have more than 16 IP addresses (or ranges) assigned to my connector, running the ‘Get-ReceiveConnector’ command to reveal the remote IP addresses will display up to only 16 values (or IP addresses).
 
If I want to see more of the values, I can run the $FormatEnumerationLimit with a larger value like 20 or 30 or whatever I wish. However, I want to see all of the values displayed. Therefore, I run the following command which allows for an unlimited number of values to be displayed.
 
$FormatEnumerationLimit =-1

Open in new window


NOTE: If changing the enumeration limit, it will only remain set until the EMS is closed. When the EMS is reopened the value returns to the default of 16. However, the default value can be modified by editing this line “$FormatEnumerationLimit = 16” of the Exchange.ps1 file in the Bin directory.
 
Now, when I run this command again…
 
Get-ReceiveConnector "EX1\Relay EX1" | fl RemoteIPRanges

Open in new window


 
The full list of assigned IP addresses (including subnets and ranges) is displayed.
 
RemoteIPRanges : {172.16.20.5, 172.16.162.50, 172.16.104.5, 10.88.162.9, 10.88.162.58, 
10.88.162.26, 10.88.162.24, 10.88.162.237, 10.88.162.2, 10.88.162.19, 10.88.162.18, 10.88.162.15, 
10.87.104.29, 10.87.104.26, 10.85.99.96, 10.85.99.36, 10.85.99.25, 10.83.7.87, 10.83.7.61, 
10.83.7.60, 10.83.7.54, 10.83.7.43, 10.83.7.41, 10.83.7.237, 10.83.7.233, 10.83.7.18, 
10.83.7.147, 10.81.26.101, 10.0.0.0/24, 192.168.100.94-192.168.100.104, 10.10.10.151}

Open in new window


 
CREATE CONNECTOR AND ADD REMOTE IP ADDRESSES
Now that I can visually see all of the remote IP addresses, I could copy and paste them manually into a new receive connector but I don’t want to. Instead, I will create a new receive connector (for relay) via the EMS (still from the 2013 server) and add the existing remote IP addresses from the relay connector on EX1 to the new connector on EX2.
 
I run this command because I need to gather settings into a variable ($RecvConn) from the existing relay connector on EX1.
 
$RecvConn = Get-ReceiveConnector "EX1\Relay EX1"

Open in new window


 
Then, I create the new relay connector (Relay EX2) with this command by populating the RemoteIPRanges parameter with the values gather from “Relay EX1” in the previous command, and adding ‘AnonymousUsers’ to the permission group.
 
New-ReceiveConnector -Name "Relay EX2" -RemoteIPRanges $RecvConn.RemoteIPRanges -Bindings @('0.0.0.0:25') -Usage "Custom" -Server "EX2" -TransportRole "FrontendTransport" -PermissionGroups "AnonymousUsers"

Open in new window


 
Finally, we complete the new relay connector by setting it to accept anonymous messages from the remote IP addresses.
 
Get-ReceiveConnector "EX2\Relay EX2" | Add-ADPermission -User 'NT AUTHORITY\Anonymous Logon' -ExtendedRights MS-Exch-SMTP-Accept-Any-Recipient

Open in new window


 
CONCLUSION
After the new relay connector is created, I like to thoroughly test it to ensure it functions for my needs. For me, I prefer this method to others because it is relatively simple to implement and get working in a short amount of time.
 
Good luck and have fun!
 
Reference(s):

 
 
2
Comment
Author:Todd Nelson
0 Comments

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Join & Write a Comment

In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month