Getting external email to Exchange 2010 via TMG 2010

Hi all, I've just installed an Exchange server behind a TMG 2010 server.

I have added the accepted domains to the Exchange server and the * send connector,
and I have all my users' mailboxes.

I've forwarded port 25 from my router to the firewall. Is that correct, or should I forward it to the Exchange server directly?

What is the next step to enable users to receive their external emails?

Thanks
awilderbeast Asked:
 
awilderbeast Author Commented:
I added the Edge Transport role to the firewall and all is working now.
0
 
Glen Knight Commented:
In the Exchange Management Console navigate to Server Configuration > Hub Transport.

Right-click on the receive connector that starts with Default and select Properties.

On the last tab check the "anonymous users" check box. This will allow you to receive emails.
0
 
awilderbeast Author Commented:
And by forwarding port 25 to my firewall, that's right?

Will the firewall automatically pass on the emails?

Thanks
0

 
Glen Knight Commented:
No, you will need to ensure that port 25 is being forwarded to your Exchange server.

There is a wizard in FTMG to publish mail services.
0
 
awilderbeast Author Commented:
Publish mail server wizard?

I just ran that, added SMTP server to it and forwarded it to the Exchange server's IP address, and added External and Internal networks to it.

I did a send and receive in Outlook and the receive failed with reported error 0x80190194.
0
 
awilderbeast Author Commented:
And on canyouseeme.org I put in port 25 and the connection times out, it fails :S
0
 
awilderbeast Author Commented:
I can see in the firewall logging that SMTP is being denied.

0
 
Glen Knight Commented:
The send and receive on Outlook has nothing to do with SMTP coming in to your Exchange server.

What exactly have you done with FTMG?
0
 
awilderbeast Author Commented:
The only thing I have done is create the mail server publishing rule

to forward SMTP to my Exchange server's IP address.

When I go to logging, though, I can see that SMTP is still being denied.
0
 
Glen Knight Commented:
And you have enabled the rule and then applied it to FTMG?

Can you provide a screen capture of the rules screen?
0
 
awilderbeast Author Commented:
0
 
Glen Knight Commented:
Can you post a screenshot of the rule you have created, please?
0
 
awilderbeast Author Commented:
See above
0
 
Glen Knight Commented:
No, I mean the actual rule you have created.
The tabs.
0
 
awilderbeast Author Commented:
Sorry, here they are.

thanks
set1.PNG
set2.PNG
set3.PNG
set4.PNG
set5.PNG
0
 
Glen Knight Commented:
On the Networks tab can you check External and then apply the change?

What happens then?
0
 
awilderbeast Author Commented:
No luck, SMTP is still coming up as denied in the logging.

Would I need to do anything to the Exchange server?
0
 
Glen Knight Commented:
No, there must be another rule blocking it.
What rule does it say it has been denied by?
0
 
Glen Knight Commented:
Have you made the change on the receive connector like I mentioned previously?
0
 
awilderbeast Author Commented:
Yeah, on the receive connector on the Hub Transport I clicked anonymous, yes.

It's blocked by the default rule, which is the last rule, so it's ignoring the publish completely.

I've deleted the rules and am starting the publish mail server wizard again.

Access type > do I set it to client access or server-to-server communication?

Thanks
0
 
Glen Knight Commented:
0
 
awilderbeast Author Commented:
OK..

Under accepted authoritative domains, does this apply to internal names only?

Or my external MX record mail.mydomain.com?

Do I put my internal namespace in there, domain.local?

Thanks
0
 
awilderbeast Author Commented:
OK, I've created the policy now.

Below are all the screens that I've done.

Still getting SMTP denied.

But I did delete the publish SMTP server rule from the firewall policy; do I need to recreate that again?
e1.PNG
e2.PNG
e3.PNG
e4.PNG
i1.PNG
i2.PNG
i3.PNG
0
 
awilderbeast Author Commented:
Here's what the logging is saying now:

Log type: Firewall service
Status: No connection could be made because the target machine actively refused it.  
Rule: [System] Allow SMTP traffic to the local host for mail protection and filtering
Source: External (92.29.159.111:60236)
Destination: Local Host (192.168.200.1:25)
0
 
Glen Knight Commented:
Can you telnet to the exchange server using port 25?

So type the following at a command prompt:

telnet server_ip 25

replace server_ip with the IP address.

What do you get?
0
 
awilderbeast Author Commented:
I get

220 CH-EX.domain.local Microsoft ESMTP MAIL Service ready at Sun, 11 Apr 2010 13:
00:38 +0100
0
 
Glen Knight Commented:
Was that from the server that has FTMG installed? If not, can you please try it from that server?
0
 
awilderbeast Author Commented:
Yeah, I did that from the TMG, installed the telnet client and ran that on the TMG server.
0
 
Glen Knight Commented:
Can you do a full test as per: http://support.microsoft.com/kb/153119

Use your domain name on the ehlo command and valid internal email addresses.
0
 
awilderbeast Author Commented:
OK, I did it all here.

Code below.

Did those screens I provided of the email policy look right?
220 CH-EX.works.local Microsoft ESMTP MAIL Service ready at Sun, 11 Apr 2010 13:
21:23 +0100
ehlo domain.local
250-CH-EX.domain.local Hello [192.168.101.10]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW

MAIL FROM:alex@domain.lcoal
250 2.1.0 Sender OK

RCPT TO:alex@domain.local
250 2.1.5 Recipient OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
subject: test message

this is a test message.
.



250 2.6.0 <619e754d-7c7f-4d8a-903f-74186fda917f@CH-EX.domain.local> [InternalId=1
] Queued mail for delivery


0
 
Glen Knight Commented:
They look OK but I don't have a FTMG server to compare it with until tomorrow.
0
 
awilderbeast Author Commented:
The failed connection:

Failed Connection Attempt CH-FW 11/04/2010 12:53:21
Log type: Firewall service
Status: No connection could be made because the target machine actively refused it.  
Rule: [System] Allow SMTP traffic to the local host for mail protection and filtering
Source: External (91.214.228.206:4045)
Destination: Local Host (192.168.200.1:25)
Protocol: SMTP


The rule, this is the email policy rules that I just created?

And I don't need to create a firewall policy rule anymore, just need the email policy rule?
0
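
The log entry quoted above, worked through as an added example (not part of the original thread and not code from either participant): the parser reads the "Key: value" layout of the TMG entries posted here and triages a port 25 failure by its destination and status. The sample entry is constructed, with a documentation-range source address; the verdict labels are hypothetical, and the name "Default rule" for the last deny rule is an assumption based on the asker's description.

```python
import re

# Constructed sample in the "Key: value" layout of the TMG log entries quoted in this thread.
SAMPLE = """\
Log type: Firewall service
Status: No connection could be made because the target machine actively refused it.
Rule: [System] Allow SMTP traffic to the local host for mail protection and filtering
Source: External (203.0.113.10:60236)
Destination: Local Host (192.168.200.1:25)
Protocol: SMTP
"""

# "External (203.0.113.10:60236)" -> network name, IP address, port
ENDPOINT = re.compile(r"^(?P<network>.+?)\s*\((?P<ip>[\d.]+):(?P<port>\d+)\)$")

def parse_entry(text):
    """Turn one log entry into a dict; Source/Destination become (network, ip, port)."""
    entry = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep or not value.strip():
            continue  # not a "Key: value" line
        key, value = key.strip().lower(), value.strip()
        m = ENDPOINT.match(value) if key in ("source", "destination") else None
        entry[key] = (m["network"], m["ip"], int(m["port"])) if m else value
    return entry

def triage(entry):
    """Classify an inbound port 25 failure by where it was headed and why it failed."""
    dest = entry.get("destination")
    if not isinstance(dest, tuple) or dest[2] != 25:
        return "not-smtp"
    status = entry.get("status", "").lower()
    rule = entry.get("rule", "").lower()
    if dest[0] == "Local Host" and "actively refused" in status:
        # A rule allowed the traffic, but it was aimed at the firewall's own
        # port 25 and no SMTP service answered there.
        return "no-smtp-listener-on-tmg"
    if rule.startswith("default rule"):  # assumed name of the catch-all deny rule
        # Fell through every allow rule: no publishing rule matched the traffic.
        return "no-matching-publishing-rule"
    return "other"

if __name__ == "__main__":
    print(triage(parse_entry(SAMPLE)))
```

The first verdict corresponds to where this thread ended up: the connection was allowed by the system rule but aimed at the firewall's own port 25, and the asker reports mail working through TMG once the Edge Transport role was added to it.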
 
awilderbeast Author Commented:
For now then I've just changed the port to be forwarded straight to the Exchange server, bypassing the proxy, and I can receive emails now :)

Will you be able to help me out with the firewall tomorrow?

Thanks
0
 
awilderbeast Author Commented:
Any update?

Thanks
0
 
Glen Knight Commented:
Sorry about that, completely lost track of where we were.

What stage are you at now?
0
 
awilderbeast Author Commented:
Same. I temporarily just forwarded port 25 straight to the Exchange server so we had email; TMG has been left in the state as per the screenshots above.

The only thing I've done is changed external emails to go to my ISP's smart host instead of using my DNS server.

The firewall was still denying port 25 though.

Now I have the email policies, do I have to create a firewall policy for them also?

Thanks
0
 
Glen Knight Commented:
Let me see if I can get access to one of my FTMG servers.
0
 
awilderbeast Author Commented:
Any luck, bud?

0
 
Glen Knight Commented:
I am struggling to get access to one at the moment.
Hopefully later today :(
0
 
awilderbeast Author Commented:
Any updates?

Thanks
0
 
awilderbeast Author Commented:
I still haven't managed to get it done. I've deleted and created the rules so many times and no I've done it right. Have you managed to get your hands on a TMG yet?

Thanks for your help
0