Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Change exchange ip

Posted on 2007-08-01
8
Medium Priority
?
301 Views
Last Modified: 2008-11-17
Dear sir,
I have exchange server 2003 sp2  windows server 2003 sp2 published on real IP address 195.X.X.X  thus ISA server 2004 . Now I need to change my ISP provider  so I must change my real IP address with the new internet provider , my question is :

1- What are modifications setting on exchange server 2003  must I do it before  transfer form provider to another
 2- What are modifications setting must I do it on ISA server 2004

Regards

0
Comment
Question by:Rifai-Roastery
  • 3
  • 3
6 Comments
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 19607469
To answer your 1st question follow the instructions as below
http://www.experts-exchange.com/Networking/Security/Q_22619127.html
on ISA you need to change all the enetries which are pointed to your current real IP.Like you might have opened port 25 for your current Ip.you need to change it.

Why don't you have a firewall and then use NATing with private addresse to your internal network.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 19611762
Mboppe - what do you think ISA server is? What did you think the Publishing rules within ISA do?


Rifai,
Nothing much really to change on ISA server itself except any public IP addresses on the external ISA nic. Becasue you will be natting outbound the trffic, this will not change. As you publish the internal services to te internet, that part will not change either.

If you hve public IP(s) on the external NIC these must all change to match your new ISP's allocated range. If you do not use public IP's on the external ISA nic but forwar taffic from your extrnal rout, then this is where the changs will need to occur.

The link that Mboppe has given is a good coverage of he DNS changes required to set up your new MX records. Be aware that the DNS canges are not instantaneous and need to propagate around the Internet and could, in some instnces, take a number of days fo everyone to pick up the new addrsses.
0
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 19613600
@keith

Not much,Correct me if I am wrong.
Isn't ISA a another firewall where you need to allow the incoming trafffic on particalur port.Rifai is using the public IP for the exchange server when is changin the IP does he need to change in the ISA to allow smtp traffic to the new IP(new rule)
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 19614783
Morning Mboppe,
Yes it is but not in the same way that any other firewall does it.
Sorry if my previous comment sounded blunt but let me clarify.

For outbound traffic, ISA has a failing - It cannot NAT selctively ie whether you have 1 or 10 external IP addresss on the externalNIC, ISA will always nat to the first IP address listed on the NIC so no chges need to be made on any outbound rules.

For inbound, assuming a normal installation where the relationship between the internal and external interfaces is using NAT. you use the publishing rules rather than creating access rules therefore th IP address on the external nic is not directly named. You use instead the interface name. In the example of the smtp protocol, the publishing rule will say that port 25 traffic arriving on the external interface will be sent to internal ip w.x.y.z - wht it does not do, unless you have manually edited the rule from its wizard installaion state, is say any traffic arriving on the external interface on IP a.b.c.d send it to internal address w.x.y.z

The changes to the ip addresses are all made at the windows operating system level for the external NIC which rebuilds the routing tables that ISA uses (ISA is not a router and depends upon the host OS to perform that function) and as you rightly pointed out on the dns environment, as the ip address on the A record that denotes the MX address will need to be amended to reflect the new numbers.

If there is another router/firewall in front of ISA that is also performing NAT, then there would be no changes to ISA server at all.

Some obviou exceptions to this are:
If VPN's are being used or if multiple IP addresses have been placed on the ISA external NIC and the user has selected to bind to the non-default external ip address.

Regards
keith


0
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 19614914
Keith
Thanks for your explanation.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 19615033
Welcome :)
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses
Course of the Month20 days, 17 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question