Change exchange ip

Dear sir,
I have exchange server 2003 sp2  windows server 2003 sp2 published on real IP address 195.X.X.X  thus ISA server 2004 . Now I need to change my ISP provider  so I must change my real IP address with the new internet provider , my question is :

1- What are modifications setting on exchange server 2003  must I do it before  transfer form provider to another
 2- What are modifications setting must I do it on ISA server 2004

Regards

Rifai-RoasteryAsked:
Who is Participating?
 
Keith AlabasterConnect With a Mentor Enterprise ArchitectCommented:
Morning Mboppe,
Yes it is but not in the same way that any other firewall does it.
Sorry if my previous comment sounded blunt but let me clarify.

For outbound traffic, ISA has a failing - It cannot NAT selctively ie whether you have 1 or 10 external IP addresss on the externalNIC, ISA will always nat to the first IP address listed on the NIC so no chges need to be made on any outbound rules.

For inbound, assuming a normal installation where the relationship between the internal and external interfaces is using NAT. you use the publishing rules rather than creating access rules therefore th IP address on the external nic is not directly named. You use instead the interface name. In the example of the smtp protocol, the publishing rule will say that port 25 traffic arriving on the external interface will be sent to internal ip w.x.y.z - wht it does not do, unless you have manually edited the rule from its wizard installaion state, is say any traffic arriving on the external interface on IP a.b.c.d send it to internal address w.x.y.z

The changes to the ip addresses are all made at the windows operating system level for the external NIC which rebuilds the routing tables that ISA uses (ISA is not a router and depends upon the host OS to perform that function) and as you rightly pointed out on the dns environment, as the ip address on the A record that denotes the MX address will need to be amended to reflect the new numbers.

If there is another router/firewall in front of ISA that is also performing NAT, then there would be no changes to ISA server at all.

Some obviou exceptions to this are:
If VPN's are being used or if multiple IP addresses have been placed on the ISA external NIC and the user has selected to bind to the non-default external ip address.

Regards
keith


0
 
Malli BoppeCommented:
To answer your 1st question follow the instructions as below
http://www.experts-exchange.com/Networking/Security/Q_22619127.html
on ISA you need to change all the enetries which are pointed to your current real IP.Like you might have opened port 25 for your current Ip.you need to change it.

Why don't you have a firewall and then use NATing with private addresse to your internal network.
0
 
Keith AlabasterEnterprise ArchitectCommented:
Mboppe - what do you think ISA server is? What did you think the Publishing rules within ISA do?


Rifai,
Nothing much really to change on ISA server itself except any public IP addresses on the external ISA nic. Becasue you will be natting outbound the trffic, this will not change. As you publish the internal services to te internet, that part will not change either.

If you hve public IP(s) on the external NIC these must all change to match your new ISP's allocated range. If you do not use public IP's on the external ISA nic but forwar taffic from your extrnal rout, then this is where the changs will need to occur.

The link that Mboppe has given is a good coverage of he DNS changes required to set up your new MX records. Be aware that the DNS canges are not instantaneous and need to propagate around the Internet and could, in some instnces, take a number of days fo everyone to pick up the new addrsses.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Malli BoppeCommented:
@keith

Not much,Correct me if I am wrong.
Isn't ISA a another firewall where you need to allow the incoming trafffic on particalur port.Rifai is using the public IP for the exchange server when is changin the IP does he need to change in the ISA to allow smtp traffic to the new IP(new rule)
0
 
Malli BoppeCommented:
Keith
Thanks for your explanation.
0
 
Keith AlabasterEnterprise ArchitectCommented:
Welcome :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.