Solved

HELO Response Sending Wrong IP Address

Posted on 2010-08-24
6
1,474 Views
Last Modified: 2013-11-16
For some reason when I send email, fresh install of Exchange Server 2007 on Virtual Win03, my HELO response is giving the address of my firewall's WAN port rather than the NAT assigned external IP of the email server.  I can't find the problem anywhere on the SonicWall 2040 firewall nor in the Exchange settings.  

There is another in progress thread that might help.  If any additional info is needed please let me know as I will provide whatever is needed to help resolve this issue.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_26426284.html#a33517107
0
Comment
Question by:jb1023
  • 4
  • 2
6 Comments
 
LVL 24

Expert Comment

by:B H
ID: 33517279
this isn't an exchange setting, it's purely in the sonicwall.  you need to set up the back half of the one-to-one nat entry, i'll find some steps, one min
0
 
LVL 24

Accepted Solution

by:
B H earned 70 total points
ID: 33517306
oh look, it's right here already:
http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_24166778.html

ctsy of dpk_wal:
Just to verify if you have entered all the setting correctly:
1. In Network > One-to-One NAT page.
2. Select the Enable One-to-One NAT check box.
3. Click Add. Entered 192.1.1.5 IP address [private address of server].
4. Entered 1.2.3.5 IP address [public address of server].
5. Entered 3.
6. Clicked OK; clicked Apply.

For access rule:
Click Firewall, then Access Rules.
Click Add.
Configure the following settings:
" Allow
" Service - HTTP
" Source - WAN
" Destination - LAN 192.1.1.5

Please note indicating WAN/LAN is important.

Please check and update.
0
 
LVL 24

Expert Comment

by:B H
ID: 33517311
you already have rules that say, "when traffic comes in looking for exchange, send em inward to this inside address"

what you're missing is, "when the internal address of the exchange server leaves me, make it look like it's this other wan ip address"
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 24

Expert Comment

by:B H
ID: 33517326
obviously, make sure you're dealing with the correct outside ip address when adding the info above...

find out for SURE what your mx record points to (the external ip of your mail server).  

that ip will need to have the exchange service ports that you use, forwarded to it... and the router will want to spoof that internal ip address to the correct outside ip address.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 55 total points
ID: 33518080
If you are running the 2040, then you're probably running the enhanced os.  if so, you won't find the one-to-one nat under network.  what i'd recommend is to delete the current firewall access rules and nat policies.  even delete the address objects.  create an service group under Firewall > Services and assign all the service ojects required for your email server.  then, run the public server wizard selecting the service group you created.  the wizard will create all the address objects, firewall rules and nat policies.  this will complete the nat rules bryon spoke of.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33522791
Thanks for the points and glad we could help.
0

Featured Post

Too many email signature changes to deal with?

Are you constantly being asked to update your organization's email signatures? Do they take up too much of your time? Wouldn't you love to be able to manage all signatures from one central location, easily design them and deploy them quickly to users. Well, you can!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
how to add IIS SMTP to handle application/Scanner relays into office 365.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now