Solved

HELO Response Sending Wrong IP Address

Posted on 2010-08-24
6
1,481 Views
Last Modified: 2013-11-16
For some reason when I send email, fresh install of Exchange Server 2007 on Virtual Win03, my HELO response is giving the address of my firewall's WAN port rather than the NAT assigned external IP of the email server.  I can't find the problem anywhere on the SonicWall 2040 firewall nor in the Exchange settings.  

There is another in progress thread that might help.  If any additional info is needed please let me know as I will provide whatever is needed to help resolve this issue.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_26426284.html#a33517107
0
Comment
Question by:jb1023
  • 4
  • 2
6 Comments
 
LVL 24

Expert Comment

by:B H
ID: 33517279
this isn't an exchange setting, it's purely in the sonicwall.  you need to set up the back half of the one-to-one nat entry, i'll find some steps, one min
0
 
LVL 24

Accepted Solution

by:
B H earned 70 total points
ID: 33517306
oh look, it's right here already:
http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_24166778.html

ctsy of dpk_wal:
Just to verify if you have entered all the setting correctly:
1. In Network > One-to-One NAT page.
2. Select the Enable One-to-One NAT check box.
3. Click Add. Entered 192.1.1.5 IP address [private address of server].
4. Entered 1.2.3.5 IP address [public address of server].
5. Entered 3.
6. Clicked OK; clicked Apply.

For access rule:
Click Firewall, then Access Rules.
Click Add.
Configure the following settings:
" Allow
" Service - HTTP
" Source - WAN
" Destination - LAN 192.1.1.5

Please note indicating WAN/LAN is important.

Please check and update.
0
 
LVL 24

Expert Comment

by:B H
ID: 33517311
you already have rules that say, "when traffic comes in looking for exchange, send em inward to this inside address"

what you're missing is, "when the internal address of the exchange server leaves me, make it look like it's this other wan ip address"
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 24

Expert Comment

by:B H
ID: 33517326
obviously, make sure you're dealing with the correct outside ip address when adding the info above...

find out for SURE what your mx record points to (the external ip of your mail server).  

that ip will need to have the exchange service ports that you use, forwarded to it... and the router will want to spoof that internal ip address to the correct outside ip address.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 55 total points
ID: 33518080
If you are running the 2040, then you're probably running the enhanced os.  if so, you won't find the one-to-one nat under network.  what i'd recommend is to delete the current firewall access rules and nat policies.  even delete the address objects.  create an service group under Firewall > Services and assign all the service ojects required for your email server.  then, run the public server wizard selecting the service group you created.  the wizard will create all the address objects, firewall rules and nat policies.  this will complete the nat rules bryon spoke of.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33522791
Thanks for the points and glad we could help.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question