Solved

Port 25 On Microsoft Exchange 2003

Posted on 2003-10-29
46
1,562 Views
Last Modified: 2010-03-19
Hi,

Got a bit of a problem...  Exchange 2003 works fine internally - but when I try through the internet, nothing happens.  I try telnetting to port 25 of my router and when config'd to the IP address of the current email server its fine - but when it points to the IP address of the Exchange server - its no go.  Like I say - internally its fine - I can telnet to the 192 address.

Any ideas?  I'm getting frustrated.

DP
0
Comment
Question by:dpwdc
  • 20
  • 13
  • 7
  • +4
46 Comments
 
LVL 7

Expert Comment

by:NicBrey
ID: 9641400
You need to configure your router to forward traffic that hits it's outside interface on port 25 to your mail server's internal address.

What type of router do you have??
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9641521

If you have configured incoming nat or pat on your router, remember to set the Default Gateway of your internal server with the IP of the router.
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9641540
...the internal IP of your router.... (192.168.x.x)
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 7

Expert Comment

by:NicBrey
ID: 9641595
Just one thing...
If you already have a mail server running, yur router is probably configured to forward port 25 to your current mail server.
You can not add another server to be accessed from the internet through the same router/connection on port 25.
The router have no idea to which server an email should be routed to.  You can only do port forwarding to one internal IP address per port.
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9641720
NicBrey you're right if router has only one internet ip configured on its external interface.

dpwdc can you tell us how your router is configured?
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9641787
Back from lunch now so heres the answer to your queries!

Yes indeed I do have a mail server on port 25 already - however I am replacing my routers port forwarding setting not adding to it; so as far as the router is concerned there is only ever one server.

The router is configured to forward port 80 to my web server, and port 25 to my mail server.  I am swapping the value of the IP address for port 25 from 192.168.1.20 to 192.168.1.25 (which is irrelivant but easier to refer to in future comments).
0
 
LVL 7

Expert Comment

by:NicBrey
ID: 9641828
What type of router is it??
Maybe there is an access list only allowing SMTP to 192.168.1.20 or a firewall blocking it ??
If your SMTP service is running on the server, there is no other reason why this should not work if you change the port forwarding on the router...
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9641854
Thats what I thought, its very frustrating!  We have 2 routers - one is a Zoom ADSL modem router thing, and the other is a D-Link - there cheep chatty things.  The mail server USED to be on port 106, and then 20, and now on to 25 (testing out different mail servers).
0
 
LVL 16

Expert Comment

by:_nn_
ID: 9641899
Insisting on Kubrik's idea, since you haven't acknowledged that everything is ok on this side : what is the default gateway in the TCP/IP settings of your Exchange 2003 box ? Is it the internal address of the involved router ?
0
 
LVL 7

Expert Comment

by:NicBrey
ID: 9641917

    Server-------------------- D-link -------------- Zoom ADSL------------- ISP              
192.168.0.20
Does your setup looks like this?  Your DSL router will then have the public routable IP address on the outside interface.
Do you have control over the DSL router as well??  The port forwarding is happening on the DSL router and not the D_Link.
Are you trying to configure the D-Link or ADSL router??
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9641921
Can you explore internet on your 192.168.1.25 server?
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9641979
_nn_ - the default gateway is set to the router that Im testing with
NicBrey, no I have 2 lines - its like this:

              Server
        |                    |
    D-Link             Zoom
        |                    |
ADSL LINE1      ADSL LINE2

I'm currently altering the D-link router - but the same scenario happens when I tried with the other router.

Kubrik - I can surf away on 25.
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9642020
Have you tried to save and restart router after your forwarding modifications?
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9642022
Kubrik - You have to do that everytime for it to take effect
0
 
LVL 7

Expert Comment

by:NicBrey
ID: 9642037
You have to telnet to the outside interface IP of the router on port 25.  Is that what you are doing??
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9642042
Have you another active service on 25 to map, so we can be sure that it isn't an Exchange problem but only net problem?
Like a webserver for example.
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9642089
NicBrey - Yea, thats what I'm doing - I'm telneting on port 25 to my external IP
telnet XXX.XXX.XXX.XXX 25 - which works when router is set to old mail, but not Exchange.

Kubrik - the only think on the server in question is Exchange.  And if i telnet 192.168.1.26 25 it works fine, problem is when its and external address - could that have something to do with it perhaps?!  Maybe theres a setting that only allows local IP addresses to connect to it?  I bet thats it - brb.
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9642096
PS, I dont like Windows 2003, Exchange 2003 and the whole active directory idea...  Should have used horde...
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9642110
it doesnt seem to be my flash of inspiration - its set to accept all incomming connections
0
 
LVL 7

Expert Comment

by:NicBrey
ID: 9642245
If you put the Exchange server on the current server IP address, does it accepts telnet to port 25 ??
Maybe you should specify the IP address of the router in the exchange configuration - might be a new security setting to prevent SMTP relay  ?
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9642278
The only thing that you can do is to investigate tcp traffic with a sniffer or on your server .25, or on pc in teh same lan if your pc's are connected with hubs, not switches.
Try with Ethereal and examine if the connection you try from external ip is tracked by the sniffer.

http://www.ethereal.org
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9642313
I cant set the IP the same or I'll get a conflict.  The server accepts local telnet to port 25.  Could it have something to do with the DNS settings?
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9642341
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9642371
Kubrik - Not ticked - but this might be along the right lines.
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9642614
dpwdc, a thing...
When you try to connect with telnet from internet, you can see:

1- telnet connect but disconnect quickly
2- telnet says you: "Impossible connect...bla bla.."

what case?
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9642643
2
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9642749
You telnet external ip from pc on internal lan?
Or you make a dialup internet connection to an isp and then telnet the external ip?
You have to telnet external ip from a pc outside your lan.
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9642939
interesting - I'll try the other line and see if that helps
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9643101
Same old connection on port 25 failed mumbo jumbo
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9643905
Its deffinatly Exchange and not the router - I have set it up now on port 26 (set a second SMTP host on port 26 on exchange), and kept the other one on port 25 for testing purposes - Exchange does nothin.

Does anyone know where Exchange blocks connections for people outside its IP range?
0
 
LVL 4

Expert Comment

by:Kokoglen
ID: 9645019
In the Exchange System Manager look in
Servers - [Servername] - Protocols - SMTP
Right click on it and get properties and then look in the tab access, and then connection.  Although its a good idea to look at all the settings.  Thats where it CAN be blocked.

Troubleshooting other things: Make sure the machine doesnt have Internet Connection Firewall enabled.  And also, STOP and START the STMP service.

Also, just for sanity sake, can you ping the exchange server from the outside.  See if you can get to the HTTP OWA client from the outside...it just helps to flesh out the problem a bit.
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9646001
http://support.microsoft.com/default.aspx?scid=kb;en-us;319880&Product=exch2003

But his telnet don't succeed in opening connection on port 25 of the server.

dpwdc have you tried with sniffer?
Have you seen if there is some log file on server?

0
 
LVL 1

Author Comment

by:dpwdc
ID: 9648552
The log files are pretty blank - Im going to try re-installing exchange.
0
 
LVL 31

Expert Comment

by:qwaletee
ID: 9648562
Hi Kubrik,

If you were thinking of dumping Exchange to start with, and now need to rebuild anyway, why not consider dumpin it   N O W ?

Best regards,
qwaletee
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9648576
Sniffing tcp traffic no eh?
With sniifer if you see connections from external to server port 25, then it sure at 99% that is an exchange/os problem, and you can try reinstall.
If you see no traffic to port 25, then it means that the problem is on router.
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9648677
qwaletee - I wasnt thinking of dumping exchange to start with - but im running out of options.  

Having set the pop3/smtp server thingy that comes with Windows Server 2003 as a test (removed Exchange by the way) - that gives the same results - fine internally - no go externally.

Kubric - the url for the sniffer you sent seemed a bit wrong?  was someones homepage.  We did try a sniffer which said that POP3 was fine, HTTP was fine but no SMTP port - which is odd as port 110 isnt set to be open, and I dont have much faith in the sniffer we used.  Can you recomend one?
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9648705
Right,

Results of my next test - I set my workstation (Windows 2000) as an SMTP server - set the router to point to me, and that worked...  All fingers are pointing to Windows Server 2003 as far as I can tell?  There MUST be a default value somewhere I need to change.

BTW the server I did the POP3 server test was a different windows 2003 server.
0
 
LVL 1

Expert Comment

by:Kubrik
ID: 9648812
Yes, correct home: www.ethereal.com

can you past here results of "ipconfig /all" and "route print" commands from cmd on your 2003 server?
0
 
LVL 7

Expert Comment

by:NicBrey
ID: 9648817
Here is a nice protol analyser you can use for the test. (30 day trial)
http://www.lyonware.co.uk/Iris.htm

I also believe that it is just a setting that need to be changed on the server. I don't have much Exchange2003 experience, but maybe you should specify somewhere the address(es) that are allowed to connect on port 25.
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9648829
Aaaaah, ethereal...

Windows IP Configuration

   Host Name . . . . . . . . . . . . : files
   Primary Dns Suffix  . . . . . . . : testdomain.office
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : testdomain.office

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : ADMtek AN983 based ethernet adapter
   Physical Address. . . . . . . . . : 00-50-BF-9E-08-4A
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.25
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.238
   DNS Servers . . . . . . . . . . . : 192.168.1.25




IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 50 bf 9e 08 4a ...... ADMtek AN983 based ethernet adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.238     192.168.1.25     20
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
      192.168.1.0    255.255.255.0     192.168.1.25     192.168.1.25     20
     192.168.1.25  255.255.255.255        127.0.0.1        127.0.0.1     20
    192.168.1.255  255.255.255.255     192.168.1.25     192.168.1.25     20
        224.0.0.0        240.0.0.0     192.168.1.25     192.168.1.25     20
  255.255.255.255  255.255.255.255     192.168.1.25     192.168.1.25      1
Default Gateway:     192.168.1.238
===========================================================================
Persistent Routes:
  None


0
 
LVL 1

Author Comment

by:dpwdc
ID: 9648864
Im going to try using a 2000 server with exchange 2003 to see if Server 2003 is the problem.
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9649631
WOO HOO!  Least we've narrowed down the issue!  Works fine under Windows 2000, but not Windows 2003!
0
 
LVL 4

Expert Comment

by:Kokoglen
ID: 9650892
In the configure your server wizard (the one that pops up at startup), you should have POP3/SMTP role NOT chosen, but you should have SMTP installed in the add remove windows components, which is inside the Application Server, IIS menu.  Is this the same on your system?

Are you using any group policies?
0
 
LVL 1

Author Comment

by:dpwdc
ID: 9746954
That how it was set.  I have rolled back to Win2k now and it all works fine.
0
 
LVL 1

Accepted Solution

by:
GhostMod earned 0 total points
ID: 11532648
PAQed, with points refunded (500)

GhostMod
Community Support Moderator
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question