Avatar of sdawe70
sdawe70 asked on

Exchange 2007 hub to edge transport error

I have a Hub Transport Server (Windows 2003 SP2 R2 Standard x64) It is a domain member and is running Exchnage 2007 Mailbox, Hub and Client access roles.

I created an edge transport server on the DMZ. (I have allowed access to the hub transport box and tested all the ports needed, communication works) The Edge transport is a Windows 2008 x64 box.

All internet bound messages sit in the que on the hub transport and give the following error:-

451.4.4.0 Primary target IP address responded with 451 5.7.3 "cannot achive Exchange Server authentication" Attemplted Failover to alternate host, but that did not suceed. Either there are no alternate hosts or delivery failed to all alternate hosts.

There are no error messages in the event viewer

The Test-Edgesubscription cmd shows no errors from the hib transport.
 
ExchangeEmail Servers

Avatar of undefined
Last Comment
LegendZM

8/22/2022 - Mon
LegendZM

Have you subscribed the Hub to th edge? Have you installed ADAM on the Edge?

http://technet.microsoft.com/en-us/library/aa996562(EXCHG.80).aspx
Planning for Edge Transport
ASKER
sdawe70

Yes I created the Subscription file on the edge and imported into the Hub Server. It created all the send and receive connectors correctly... except for the error I am getting.

The Edge Server is running Windows 2008 server... ADAM is now called ADLDS (Active Directory Lightweight Directory Services) It is a pre-requisit to installing Edge Transport role on the server.
LegendZM

Can you post the output of Get-RoutingGroupConnector | fl   ?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
LegendZM

On the authentication tab is  Exchange Server Authentication and on the Permission Groups tab is "Exchange Servers selected?
LegendZM

I forgot to include in the previous comment above this to check that on edge server receive connector


http://technet.microsoft.com/en-us/library/bb851506(EXCHG.80).aspx

Open the Exchange Management Console and navigate to Server Configuration\Hub Transport.
#

Select the default Receive connector for the Hub Transport server that you want to configure to receive mail from the Edge Transport server.
#

Right-click the default Receive connector, and then select Properties.
#

Select the Authentication tab.
#

Check the Transport Layer Security (TLS) check box.
#

Check the Exchange Server authentication check box.
#

Click Apply.
#

Click OK.

then force a edge-hub synchronization

Start-EdgeSynchronization -Server <Hub Transport server name>
ASKER
sdawe70

[PS] L:\>Get-RoutingGroupConnector |fl
[PS] L:\>Start-EdgeSynchronization


Result         : Success
Type           : Recipients
Name           : CN=CHAEdge,CN=Servers,CN=Exchange Administrative Group (FYDIBO
                 HF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=M
                 icrosoft Exchange,CN=Services,CN=Configuration,DC=cha,DC=local
FailureDetails :
StartUTC       : 5/27/2008 12:53:52 PM
EndUTC         : 5/27/2008 12:53:53 PM
Added          : 0
Deleted        : 0
Updated        : 0
Scanned        : 169
TargetScanned  : 0

Result         : Success
Type           : Configuration
Name           : CN=CHAEdge,CN=Servers,CN=Exchange Administrative Group (FYDIBO
                 HF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=M
                 icrosoft Exchange,CN=Services,CN=Configuration,DC=cha,DC=local
FailureDetails :
StartUTC       : 5/27/2008 12:53:52 PM
EndUTC         : 5/27/2008 12:53:53 PM
Added          : 0
Deleted        : 0
Updated        : 0
Scanned        : 347
TargetScanned  : 0

Result         : Success
Type           : Configuration
Name           : CN=CHAEdge,CN=Servers,CN=Exchange Administrative Group (FYDIBO
                 HF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=M
                 icrosoft Exchange,CN=Services,CN=Configuration,DC=cha,DC=local
FailureDetails :
StartUTC       : 5/27/2008 12:53:52 PM
EndUTC         : 5/27/2008 12:53:53 PM
Added          : 0
Deleted        : 0
Updated        : 0
Scanned        : 347
TargetScanned  : 0



[PS] L:\>


The routing group command returned nothing

   I had to set up a Send connector to the internet to get them up and running.  The receive connector reveives from the internet at the moment becuase I have pointed the NAT at the hub transport to get email up and running
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER CERTIFIED SOLUTION
LegendZM

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
sdawe70

Yes.   I have fixed the problem.

   The Certificate on the hub transport was corrupt. I removed it and created a new one for the email domain and all started working.
LegendZM

Glad to hear you got it working.