Solved

mailflow between India HUB transport and US HUb Transport not working, both the ways

Posted on 2010-09-11
9
4,982 Views
Last Modified: 2013-11-13
I am having an issue wherein one of my location is not able to to send and receive emails from US Location.

India HO Location >>> US - Canada Location

India Servers
2 HUB Transport servers running Windows 2003 SP2

Canada Location
2 HUB Transport servers running Windows 2008 SP2

When we are sending emails from India Noida location Exchange servers they are getting queued in Remote delivery queue with Last error as 451 4.4.0 Primary target IP address responded with: "454 4.7.0 Temporary authentication failure.

Getting 2 event ids:
=======================================================================
Event Type:      Warning
Event Source:      MSExchangeTransport
Event Category:      SmtpSend
Event ID:      2003
Date:            9/10/2010
Time:            8:30:14 PM
User:            N/A
Computer:      XXX-N1
Description:
Send connector Intra-Organization SMTP Send Connector has failed to authenticate with 172.18.102.95:25. The response from the remote site is 454 4.7.0 Temporary authentication failure
==================================================================
Event Type:      Warning
Event Source:      MSExchangeTransport
Event Category:      SmtpReceive
Event ID:      1035
Date:            9/10/2010
Time:            8:45:32 PM
User:            N/A
Computer:      XXXXX-N1
Description:
Inbound authentication failed with error IllegalMessage for Receive connector Default XXXX-N1. The authentication mechanism is ExchangeAuth. The source IP address of the client who tried to authenticate to Microsoft Exchange is [172.18.102.95]
===========================================================================
Troubleshooting steps carried out
1) Time is in sync with DC's
2) No duplicate SPN
3) Ports are opened
4) While pinging both the HUb Transport servers with setting MTU size of 1472 is not working, ping response comes by setting 530 bytes
ping servername -f -l 530
5) 968389 uninstalled this hotfix from all Hub Transport servers
6) There was one receive connector for relaying application servers emails in which Exchange IP addresses were listed, removed them.
7) Disabled Client receive connector and other receive connectors only kept Default receive connector, still the same issue
8) Default DC policy is having everyone, administrators and authenticated users listed for allow this computer from network
9) In smtpreceive connector logs I am seeing that whenever connection is coming from Remote that is US Exchagne servers it showing the below error:
=======================================================================
180.190.3.11:25,172.18.102.96:36696,<,X-EXPS EXCHANGEAUTH,
2010-09-11T08:31:35.795Z,HOEXCH-HC-N2\Default HOEXCH-HC-N2,08CD1F8766FE72F5,41,180.190.3.11:25,172.18.102.96:36696,*,,Inbound ExchangeAuth negotiation failed because of IllegalMessage
2010-09-11T08:31:40.795Z,XXXX-N2\Default XXXX-N2,08CD1F8766FE72F5,42,180.190.3.11:25,172.18.102.96:36696,>,454 4.7.0 Temporary authentication failure,
=========================================================================

Please help on this I am running out of ideas, seems like there is some problem with the authentication set on default receive connectors.

Regards,
PK
0
Comment
Question by:Punniyakotti
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
9 Comments
 
LVL 33

Expert Comment

by:Busbar
ID: 33653308
can you make sure that both receive connector have Exchange server permissions configured
0
 

Author Comment

by:Punniyakotti
ID: 33653348
Thanks for the prompt response
On all the Exchange servers - Exchange server permissions are configured
0
 
LVL 33

Expert Comment

by:Busbar
ID: 33653366
please check that both have connectivity to AD and that time is synchronized between the machines
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Punniyakotti
ID: 33653430
Yes. Time is in sync.
0
 
LVL 33

Expert Comment

by:Busbar
ID: 33653636
0
 

Accepted Solution

by:
Punniyakotti earned 0 total points
ID: 33653887
Issue resolved by uninstalling hotfix
968389.

975467
0
 

Author Comment

by:Punniyakotti
ID: 33653890
Busbar thanks alot for your prompt response.
0
 

Author Comment

by:Punniyakotti
ID: 33670327
Issue resolved
0
 

Author Comment

by:Punniyakotti
ID: 33670331
Please close
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ADFS trust for Skype 4 15
NLB +DAG 8 45
active directory, exhange 12 56
I'm being stupid with my powershell 2 24
This article explains how to install and use the NTBackup utility that comes with Windows Server.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question