Solved

How do I use 2 Internet connections on a single Server 2003/Exchange machine with a domain?

Posted on 2009-04-28
Last Modified: 2013-12-24
Here is our situation:

We have a Server 2003 machine that is currently hosting our domain and running Exchange via a dual bonded T1. All of the client computers are also using this same connection through the server for Internet. The connection has been great but is not sufficient for the number of clients also using it for Internet so we brought in a high bandwidth cable connection that we would like to use JUST for the Internet (while continuing to use our other connection/IP address for VPN/Exchange/hosting/etc.)

I currently have both Internet connections (two different ISPs with 2 different IP addresses) connected to the server and the server is connected to our LAN (3 NICs.) How can I use our new connection for Internet without affecting everything else?

I've looked into load balancing/etc but haven't really seen a great solution yet. I'm not as concerned with combining both connections as I am with just getting this setup to work. If combining them happens to be the easiest way then I'm willing to go that route but I feel this must be a somewhat common situation and there has to be a simple solution for this! I'm experienced with basic networking as well as Linux but don't have a lot of experience with Windows Server and I've been working on this (and searching the web) for around 3 hours now and haven't found what I'm looking for!
0
Question by:brojamma
 
LVL 65

Accepted Solution

by:
Mestha earned 2000 total points
ID: 24256056
You need to get the two connections off the server and on to a dual WAN port router. Let a router do the routing, and the server do the serving. Windows is a very poor router.

You can only have one default gateway, so whichever NIC has the default gateway the other NIC will be unable to send or receive traffic correctly. If you use a dual WAN router then the default gateway is the router and then the router does everything else.

Simon.
0
 

Author Comment

by:brojamma
ID: 24263493
Okay - I have a dual WAN router that I can put to use if needed. Here is my new goal:

Switch everything over to the new ISP/IP address
Demote the old connection to simply be a backup

Here is what I've done thus far:

Installed a new (2nd) router (same make/model as the old router) for the new connection with settings identical to the old router (besides the ISP portion of course.)

I changed the MX records for my domain:
MX1 points to mail.mydomain.com (the new IP address)
MX2 points to mail2.mydomain.com (the old IP address)

The DNS has now updated on the Internet. However, when I change the gateway on the server to point to the new connection, SMTP stops functioning. All client computers can connect to the Internet fine using the server as their gateway and VPN connections/etc come in fine but e-mail does not function properly. Is there a DNS issue somewhere?

Also - what is the best way to configure DHCP? Currently I have the server dishing out IP addresses and all other DHCP servers disabled. Right now this results in all clients using DHCP connecting through the old connection (since I have to leave the default gateway on the server pointing to the old connection for email to function properly.) Should I set the new router as the DHCP server instead?

Also - which DNS server should the local clients use? Right now I have them all pointing to the server for DNS because I wanted to avoid any strange local domain issues. Should I just have them use the new router as the DNS address as well? Which DNS server should I have the server use? Does it even matter?

Hopefully this isn't too difficult to follow - everything feels like a mess and it's difficult to describe everything! I appreciate the help. If I'm going about this the wrong way please let me know the best way to do it - I definitely want to be pointed in the right direction!
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 2000 total points
ID: 24265389
In AD, DHCP should ALWAYS be on a domain controller.
Likewise for DNS, that should always be pointing to the domain controllers ONLY. No external DNS servers should be involved.

Then on the domain controllers you have three options.
1. Leave them as configured and use root hints.
2. You could set each DC with a different default gateway and then configure forwarders to the relevant ISP.
3. Use a network independent DNS service, like OpenDNS.

You need to be clear about what you mean by email not working. There are so many ways that email can not work, that more information is required to diagnose further.

Simon.
0
 

Author Comment

by:brojamma
ID: 24282263
At this point my main concern is getting the new connection up and running so just to keep this simple let's assume I'm completely dropping the old Internet connection. So here is my configuration:

New Internet -> New Router -> Windows 2003 Server -> Switch -> clients

The server is the DHCP server, and all clients use it as the gateway and DNS server.

All ports are configured properly on the router. Where things start to become gray for me is configuring the server - I've worked with Windows Servers several times in the past but I only know the basics.

With this configuration, all clients can get on the Internet. The issue is with Exchange - as soon as I change the gateway on the server to point to the new router/Internet connection Exchange stops working. What I mean by "email not working" is that mail cannot be sent or received. As soon as I switch the gateway on the server back to the old router/Internet connection everything works fine and the emails that were attempted earlier are delivered properly. Sent emails are being delivered from the client to the server but they never make it out until the gateway is switched back. There must be some setting in the server binding Exchange to the old external IP somehow but I'm not sure where (or why?)

I appreciate all of the help thus far.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24284539
There are only two things that could be dependent on the old ISP.

External DNS settings on the SMTP virtual server (which shouldn't be there)
A smart host set on the SMTP virtual server (again which shouldn't be there).

After changing the default gateway you can confirm routing by attempting to telnet to a remote email server on port 25.

Simon.
0
 

Author Comment

by:brojamma
ID: 24315272
I can connect to all of the open ports externally so I know it isn't a router configuration issue. There is no External DNS setting or a smart host on SMTP. I've spent several additional hours trying to troubleshoot this and it just isn't working. Everything is still working great as long as I leave the gateway set to the old router/IP. Any other ideas?

It has to be some type of DNS setting somewhere linking the server to the old IP - I just don't know where else to look.

I really appreciate your help thus far Mestha - if nothing else I at least feel like I'm understanding this configuration a little better.
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 2000 total points
ID: 24319400
There is nothing on the router that is causing the problem? Something that is dealing with the SMTP?
Have you checked forwarders on the domain controllers?

Simon.
0
 

Author Comment

by:brojamma
ID: 24417246
I've been swamped lately and just recently got a chance to try to figure this issue out again. For testing purposes I unplugged the old connection from the old router and plugged in the new connection to the old router. The outside interface was updated accordingly and all other settings were left the same. The gateway on the server of course stayed the same this time.

No email could be sent or received. The Internet worked fine, remote office forwarded the ports to the proper machines and everything was fine, but Exchange was not working. So...I hooked the old connection back up again and, of course, everything works.

This issue HAS to be a setting on the Server 2003/Exchange machine - there really is no other explanation. Formatting the server and reinstalling everything is out of the question and there really isn't anybody here in town I could call that would be more familiar with Server 2003/Exchange than I am at this point! There definitely isn't anybody here in town more familiar with it than some of the experts on this forum. If you guys can't figure it out I'm in trouble!
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24417419
There is nothing other than IP address restrictions that would stop the email from being received. Although if you have changed the ISP then your external IP address has also changed, which would mean the MX records are invalid. It can take 48 hours before an IP address change is seen by the internet.

Unless you hard reset the router back to the default settings, I have to disagree about it being something on the server. I have already stated the two things that would be ISP specific above.

Simon.
0
 

Author Comment

by:brojamma
ID: 24422900
As of yesterday afternoon, I can now RECEIVE email to my Exchange account from outside. Not sure why because as far as I know nothing has changed. However, I still cannot send email out. From either OWA or Outlook the mail appears to send fine and shows up in the "sent items" folder. However, it is not delivered until I change back to the old ISP.

It's been a while since I posted this question so you probably forgot the details but the MX records were updated about 3 weeks ago:

MX1 points to mail.mydomain.com (the new IP address)
MX2 points to mail2.mydomain.com (the old IP address)

I've tried using the same router with the exact same settings on both connections and on both connections Internet internally, Remote Office from outside, etc all work without a hitch. From outside I can do a remote desktop connection to mail.mydomain.com to all machines set up for it. The router continues to forward all of those ports exactly the same as before. If you ping mail.mydomain.com from outside you receive a response from the new IP. If, from outside, I go to mail.mydomain.com/exchange, I can access OWA.

I feel like there's still some setting on the server binding part of Exchange to the old outside IP but if you don't think it's a setting on the server what other setting could it be? Mail being sent out should be the easy part!

I cannot thank you enough for all of your help Mestha - especially since this has gone in a different direction than the original question. We have to be getting close!
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24424842
If the messages have been sent then they should be stuck in the queues. If that is the case, when you click on the queues you should get a reason code. What does that say?

Can you telnet to port 25 on any remote servers?

telnet maila.microsoft.com 25

Simon.
0
 

Author Comment

by:brojamma
ID: 24427442
Yes - the messages are stuck in the queue. The error message says, "An SMTP protocol error occurred."

I can telnet to port 25 of a remote server. The ports are all configured properly.
0
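The port-25 telnet test in the exchange above only shows that a TCP connection opens, while the queue reports an SMTP protocol error. As an added example (not part of the original thread, and not a diagnosis of this case), the Python code below walks the first steps of the SMTP dialogue and reports the step whose reply is not the expected code; the names `probe_smtp`, `read_reply` and the HELO name `probe.example.test` are assumptions.

```python
import socket
import sys

def read_reply(rfile):
    """Read one (possibly multi-line) SMTP reply; return (code, text)."""
    lines = []
    while True:
        raw = rfile.readline()
        if not raw:
            raise ConnectionError("peer closed the connection mid-reply")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        lines.append(line)
        # "250-..." continues the reply; "250 ..." (or a malformed line) ends it
        if len(line) < 4 or line[3] != "-":
            break
    code = int(lines[-1][:3]) if lines[-1][:3].isdigit() else None
    return code, "\n".join(lines)

def probe_smtp(host, port=25, helo_name="probe.example.test", timeout=10):
    """Walk banner -> EHLO (HELO fallback) -> QUIT; return (steps, first_failure)."""
    steps, failure = [], None
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            rfile = sock.makefile("rb")
            for name, command, expected in (("banner", None, 220),
                                            ("EHLO", f"EHLO {helo_name}", 250)):
                if command:
                    sock.sendall(command.encode("ascii") + b"\r\n")
                code, text = read_reply(rfile)
                steps.append((name, code, text))
                if code != expected and name == "EHLO":
                    # Older or filtered paths may only accept plain HELO
                    sock.sendall(f"HELO {helo_name}".encode("ascii") + b"\r\n")
                    code, text = read_reply(rfile)
                    steps.append(("HELO", code, text))
                if code != expected:
                    failure = steps[-1][0]
                    break
            sock.sendall(b"QUIT\r\n")
    except OSError as exc:  # refused, timed out, reset, or closed mid-reply
        steps.append(("connect/io", None, str(exc)))
        failure = failure or "connect/io"
    return steps, failure

if __name__ == "__main__" and len(sys.argv) > 1:
    steps, failure = probe_smtp(sys.argv[1])  # argument: a remote mail server
    for name, code, text in steps:
        print(f"{name:10} {code} {text!r}")
    print("first failing step:", failure)
```

Running it once through each gateway and comparing the recorded banner and EHLO replies shows whether the two paths present the same SMTP dialogue.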
 

Author Comment

by:brojamma
ID: 24433090
Since this question has been dragging on so long and has drifted away from the original question I have posted a completely new question here:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_24424829.html

I will close this one out. Thanks for your help Mestha.
0
 

Author Closing Comment

by:brojamma
ID: 31575524
I appreciate all of your help!
0

Question has a verified solution.
