• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 517
  • Last Modified:

DNS and routing issues with dyndns and firewall

we have the following

server1 - domain controller 2003
server2 - exchange 2003, domain controller

linux router running iptables.

our active directory domain is like domain.local

I added another wan ip to the router and forwarded smpt,imap4 and pop to the exchange server

I can send out email successfully.

I want to use dyndns to configure our DNS domain which is ourdomain.net to work with our exchange server.  Meaning I want to receive email on our exchange server. Right now the domain is resolving to an external provider.

How can I do this?
0
rilliam
Asked:
rilliam
  • 3
  • 3
  • 2
1 Solution
 
harleyjdCommented:
Your dyndns account will allow you to set the IP of your WAN IP. Every dyn service is different - they all have a webpage you can use to set it, others have dynamic clients that detect it at change it for you.

I have to assume the wan ip you set is one given you by your ISP.

0
 
rilliamAuthor Commented:
Is there a way to test my ability to receive email from the outside without moving our dns name over?
0
 
rilliamAuthor Commented:
My domain is .local, wont this effect my ability to recieve email on the excahnge server?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
harleyjdCommented:
In exchange system manager you will need to edit the default policy under Recipients > Recipient Policies to include @yourdomain.com as the primary. When you add it also check the "this exchange organisation is responsible for all mail delivery to this address". Then right click the policy and apply now.

This will change all your users to include the external email address.

then you can perform manual tests

http://www.petri.co.il/test_smtp_service.htm
http://support.microsoft.com/?kbid=323350

0
 
scdavisCommented:
>  I want to use dyndns to configure our DNS domain which is
>  ourdomain.net to work with our exchange server.  Meaning
>  I want to receive email on our exchange server. Right now the
>  domain is resolving to an external provider.

>  How can I do this?

First, stop using DynDNS.  If you're allocated an IP address, make it static. Yell, scream and pay your ISP.  Sending SMTP to a "floating" host really erks me.

DNS/MX records  -- weren't really meant to deal with boxen that "float".  rDNS is even more nutty in a dyn-dns environment.  

In short, your SMTP, just like your HTTP might be at address a.b.c.d.

You're making services available to the "planet" -- and wanting them to be reliable..  Flippity-Floping the IP address of the hosting boxen is going to do all but obfuscate the situation.  

DynDNS is cheap and silly.  fsck it..  

good luck,
Sc.
0
 
rilliamAuthor Commented:
Excellent Thanks alot for reading my mind.
0
 
harleyjdCommented:
we try, mate, we try, :)

0
 
scdavisCommented:
rillam,

I assume you know what MX records are now.

Make your Dyn-DNS box "lowest cost MX".  Get your ISP to handle Secondary and Tertiary MX costs for your domain -- and store/forward email to "you".

Without that, you're going to lose email.. because some ISPs cache DNS values for 24-48 hours.. nevermind how "dynamic" you want them to be.  (they ignore the TTL, technically.. see NANOG for recent discussion.)  



I want to make a rant here:  DynDNS is stupid.  End of story.  An IP address is always assigned to your (external) interface, yes?  If one IP-addr is in use, why not make it static?  What would that cost?!  Space is ARIN registered, be it either dynamic or static..  

Grumble.  

Best wishes,
Scott..



0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now