?
Solved

Outlook 2003 cannot access Fully Qualified mail server names when behind Netgear router

Posted on 2008-06-17
19
Medium Priority
?
506 Views
Last Modified: 2010-04-21
We have an SBS 2003 system behind a Netgear DG834GT firewall. The SBS 2003 server, slightly unusually, runs a Microsoft POP server so that a certain user can collect his Exchange email via POP on his laptop using Outlook 2003 from both within the network (wirelessly via the Netgear) and outside the internal network, from home. The SBS server runs the local DHCP server, not the Netgear.

At home, the user connects to the POP server over the net, no problem.

At the office however, the connection from Outlook to the POP server (assume its called pop.company.com) from his laptop fails. DNS resolves the name to the external public address for pop.company.com and when Outlook tries to connect it fails with a 0x800CCC0F error, connection to server interrupted. However if I replace the FQDN with the local IP of the SBS server, it works fine.

I tried setting up a static route inside the Netgear to point requests for the public IP back inside the LAN, but that didnt work.

What is the best way to fix this problem, to get the laptop to always look at the internal server IP when it resolves pop.company.com from inside the office?
0
Comment
Question by:actionco
  • 9
  • 5
  • 4
  • +1
19 Comments
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 21806929
Add the DNS-entry for pop in the internal DNS and point it to resolve to the internal IP.
Have the client to use DHCP to always get the correct DNS-settings independent if he connects internal or external.
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 21806991
Forgot one thing...
As the server propably already is registered in DNS as server.company.com, you should create an alias (CNAME) instead of an extra host (A) record, and point the CNAME-record to the FQDN for the server. If creating extra A-records, you can get some confusing resolving errors when reverse lookup doesn't match (pop->IP->server).
0
 

Author Comment

by:actionco
ID: 21809982
Thanks, I shall do that and let you know the result.
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 

Author Comment

by:actionco
ID: 21810178
Ok, I've had a look at DNS on the server and I am afraid I didn't get anywhere. I must be doing something wrong but I can't figure out what.

I put in "pop.company.com" as the alias name, I point that to the FQDN (which is our SBS server) e.g. server.company.local but when I ping "pop.company.com" I still get a reply from the external IP, not the internal IP

What am I doing wrong?
0
 
LVL 21

Expert Comment

by:suppsaws
ID: 21812508
Hello actionco,

how are you configuring the pop3, via the pop3 connection manager on the sbs management console, or straight into the user's outlook?
the FQDN of your server (externally) is for example sbs.yourdomain.com or mail.yourdomain.com. the internal FQDN is server.yourcompany.local.
Here is a tutoruial on how to configure pop3 on sbs:
http://www.msexchange.org/tutorials/Configuring-Incoming-Outgoing-Email-Windows-Small-Business-Server-2003.html
but actually, you shouldn't use pop3 at all, you'd better switch to SMTP:
http://sbs.editme.com/Exchange  > switching pop3 to SMTP.


Regards,

suppsaws
0
 

Author Comment

by:actionco
ID: 21812596
Hi - I am not using the POP connection manager, because it isn't the server that is collecting POP email, it is the users laptop collecting it from the pop server running on the SBS box.
0
 
LVL 21

Expert Comment

by:suppsaws
ID: 21812663
ok, that is really NOT the way to go.
If you want to use pop3 for your domain use the sbs pop3 connection manager or (and you better should) use full SMTP or you will get all sorts of trouble.
Don't forget this is SBS, not w2k3 server ... use the WIZARDS ... :p
why are you using a separate pop server on the sbs when the pop3 connection manager is there?
0
 

Author Comment

by:actionco
ID: 21812734
I know it is not the way to go but this is the way the owner of the company wants it configured . His laptop, his company   :-)

The POP3 connection manager is for the SBS server to download email but this SBS server doesn't use POP3, it uses SMTP to receive email. We're using the POP server on the SBS box so that the laptop can connect using POP, we're not using the POP connector to get email to the server.
0
 
LVL 21

Expert Comment

by:suppsaws
ID: 21812762
Huh?
so you mean you are using full SMTP to receive mail, why are you trying to configure pop3 on the laptop then?
just use rpc over http to get his email if he is outside the company, not pop3 .... .

I really don't see the point using pop3 when you can use full smtp, please explain.
0
 

Author Comment

by:actionco
ID: 21812806
We're using POP because that's what the owner wants on his laptop.

RPC over HTTP on his laptop won't work either, because when he inside the internal LAN he won't be able to reach the server - it's getting the external domain name to point to the server that is the issue you see.


0
 
LVL 21

Accepted Solution

by:
suppsaws earned 2000 total points
ID: 21812845
no, you are wrong there.
rpc over http will certainly work, on the ouside AS WELL on the outside.
" it's getting the external domain name to point to the server that is the issue you see."
no, when inside it will see server.mydomain.local, and when outside it will see mail.mydomain.com

rpc over http is the way to go, he needs to get rid of that pop3, only disadvantages there.

a nice tutorial for rpc over http can be found here:
http://sbs.editme.com/outlook

really, why make things MUCH more difficult with ALOT more disadvantages when you can just use rpc over http with full exchange ...
0
 

Author Comment

by:actionco
ID: 21812915
ok, I can see the advantages in what you say. I will have a go when the laptop arrives at the office.
0
 
LVL 21

Expert Comment

by:suppsaws
ID: 21812949
It's your job to persuade him to choose rpc over http instead of pop3 :-)
show him the advantages of both solutions, he should be easilly conviced but it stays a ... manager :p
they mostly don't care about the technical stuff , they don't have time to listen, things must only WORK :)
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 21821287
> I put in "pop.company.com" as the alias name, I point that to the FQDN (which is our SBS server) e.g. server.company.local but when I ping "pop.company.com" I still get a reply from the external IP, not the internal IP

Did you enter pop.company.com as the alias name and got pop.company.com.company.com (or pop.company.com.company.local) as the FQDN for the alias? If so, only enter pop as the alias-name.

If having separated namespace for internal and external DNS and this is the only one single machine that shall be handled this way to have its external DNS-suffix accesible on the intranet, you can create a zone and name it as the FQDN for the machine (pop.company.com). Creae an alias without name and point it on the internal server-FQDN.

0
 

Author Comment

by:actionco
ID: 21858071
The owner hasn't been in the office with his laptop since last week so I have been unable to make any progress. I will post an update here as soon as I can.

0
 
LVL 13

Expert Comment

by:2hype
ID: 21905254
henjoh09 is correct your issue is defintaly with dns.

On your DNS if your local domain is company.com you can create a new alias called pop and point it to the local IP of your pop server or a new host A record and point it to the servers IP Address.

If you domain is not company.com you will need to create a new forward dns zone called company.com and create a new host A record called pop and point it to the servers IP Address.

Ensure your open a command prompt and do a ipconfig /flushdns to remove just incase its still picking up the external IP Address.  Also ensure the laptop is configure to point to your internal dns server.
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 21911354
If creating company.com on the internal server, you will hijack the external zone and nead to add all records into the zone instead of when creating the zone to be the whole FQDN for the server address.
0
 

Author Closing Comment

by:actionco
ID: 31468049
Thanks!
0
 

Author Comment

by:actionco
ID: 21942643
Got the laptop connected using suppsaws suggestions....thanks to everyone else for their input as well.

0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Loops Section Overview
Screencast - Getting to Know the Pipeline
Suggested Courses
Course of the Month16 days, 2 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question