Exchange 2010 451 4.4.0 Primary Target IP address responded 421 4.2.1 unable to connect.

have a new exchange 2010 installed into a forest with a 2007 server already running, the two exchange servers serve different domains,  on the 2010 server all out going messages sit in queue with the error 451 4.4.0 Primary Target IP address responded 421 4.2.1 unable to connect., i have my send connector set to send to internet.  I can ping mail.domain.com for a domain in queue and it replies, i can nslookup and it resolves fine, but i cannot telnet into it at all..any ideas?
LVL 1
jasonmichelAsked:
Who is Participating?
 
zulumikeConnect With a Mentor Commented:
Have you checked the firewall?
which os is exchange running on?
0
 
MegaNuk3Commented:
Has this only just happened recently? Have you tried the message flow troubleshooting assistant in the Toolbox?Does the Exchange 2010 server have it's own Send Connector? Are any Send Connectors set to deliver to a Smart Host or do they send direct to the Internet via DNS?
0
 
jasonmichelAuthor Commented:
Firewall is fine.. running server2008 yes own send connector sending to internet..this is fresh install
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
jasonmichelAuthor Commented:
Firewall is fine.. running server2008 yes own send connector sending to internet..this is fresh install
0
 
MegaNuk3Commented:
Uninstall AV / EPO / firewall off the Exchange 2010 server and then see if messages start flowing or not.

Does your server have more than 1 NIC installed?
0
 
jasonmichelAuthor Commented:
firewall is off, and there is no AV installed yet.  Yes server only has 1 nic
0
 
jasonmichelAuthor Commented:
heres something odd, i can't telnet to any outside mailserver from inside the network on 25, i wonder if a firewall gpo could be the problem?
0
 
MegaNuk3Connect With a Mentor Commented:
Yes, sounds like you might need to reinstate the port 25 rule on your firewall.

Have you tested telneting out to external domains on port 25 from other machines and not just your exchange server or should they be blocked anyway?

You might want to check that NIC to see if it has multiple IP addresses assigned.  "ipconfig /all" should show if there are multiple IP addresses assigned.
0
 
MegaNuk3Commented:
You can find MX records for other domains with Www.mxtoolbox.com and then try telnet on port 25 from your network to that server (MX record)
0
 
jasonmichelAuthor Commented:
it was an acl on the router, thanks for the help tho
0
 
MegaNuk3Commented:
Thanks for the points and final solution
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.