Solved

Exchange mailserver stopped working when router was replaced

Posted on 2011-03-10
13
317 Views
Last Modified: 2012-05-11
Because of an ADSL line upgrade we were forced to change our router.

I plugged in the new router, set up the ISP username and password, gave it the right internal IP address (A.B.C.2) and hey presto, we were on the internet again, and VoIP was working.

However, our Exchange mailserver, on the SBS server at A.B.C.253, while able to send mail out, was not collecting any external mail.

We got 5 static IP addresses from our ISP, viz:

"    *  the network address is: X.Y.Z.192
    * your router/hub address is: X.Y.Z.198
    * your subnet mask address is: 255.255.255.248 if you have 5 Static IP addresses or 255.255.255.240 if you have 13 Static IP addresses
Your computers can use addresses from X.Y.Z.193 to X.Y.Z.197 "

In DNS our mailserver is set to X.Y.Z.193, but the router is X.Y.Z.198

I think we simply need to set up a route in the router that will convert external IP = X.Y.Z.193 to internal IP = A.B.C.253

correct?
0
Comment
Question by:zorba111
  • 7
  • 3
  • 2
  • +1
13 Comments
 
LVL 74

Accepted Solution

by:
Glen Knight earned 125 total points
ID: 35094174
You need to forward port 25 being received on x.y.z.193 to a.b.c.253
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 35094197
Try adding the following line:

ip nat inside source static tcp A.B.C.253 25 X.Y.Z.193 25


Also, you need to check that the DNS for your domain name is correct if you have been assigned a different IP range from what you had before.  If you have the same IP range you can ignore the below...

In your DNS zone you need to check the MX record to get the hostname of your mail server, then edit the A record for that host.
So, if your MX record is MAIL.YOURDOMAIN.COM you need to change the IP address for the host called MAIL to X.Y.Z.193
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 35094213
Eek... Just noticed I posted a config for Cisco routers!

Agree with demazter.
0
 

Author Comment

by:zorba111
ID: 35094285
thanks guys,

just to point out that NOTHING else has changed, just the ADSL line was upgraded
(AFAIK all our ADSL subscription details are the same, surely the ISP wouldn't change these without notifying us, or have any need to change these?)

...which necessitated a change of router

so @craigbeck, we shouldn't need to change DNS


0
 

Author Comment

by:zorba111
ID: 35094349
just to check guys:

The info i got from the ISP is:

"    *  the network address is: X.Y.Z.192
    * your router/hub address is: X.Y.Z.198
    * your subnet mask address is: 255.255.255.248 if you have 5 Static IP addresses or 255.255.255.240 if you have 13 Static IP addresses
Your computers can use addresses from X.Y.Z.193 to X.Y.Z.197 "


therefore, any traffic for IP addresses in the range X.Y.Z.193 to X.Y.Z.197 will wind up at our router (with IP address X.Y.Z.198) ?

funny, when I ping the IPs from X.Y.Z.192 to X.Y.Z.198

I get replies from a weird IP address, 81.148.64.1, for all but the "router" IP (X.Y.Z.198).

Is this significant?
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 125 total points
ID: 35094443
If nothing has changed then DNS is fine.

If you don't have any services forwarded to other addresses from your range there will be no reply, so the replies from 81.148.64.1 will be from your ISP.


Some routers do this differently.  If you have a Cisco router you can let its dialer interface use the address your ISP told you to assign to your router, then add the other IP addresses via NAT translations.  Other routers won't allow you to do this, so you have to set the WAN to DHCP and the LAN to the address the ISP told you to assign to your router.  This would mean that your LAN is actually on the public internet, and you don't want that.

What router do you have?
0
Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

 

Author Comment

by:zorba111
ID: 35094561
Our "new" router is a Draytek Vigor 2800G. I say "new" because we actually used it on the LAN before we got the juniper.

I looked at the Port Forwarding table on the Draytek, and there already is an entry, called SBS-EXCH, which redirects any TCP traffic on port 25, to A.B.C.253, port 25.

So its something else stopping the email reaching the server?
0
 

Assisted Solution

by:tgultekin
tgultekin earned 250 total points
ID: 35094694
I guess there is 1 ADSL port and a WAN port on the Draytek, you must forward port 25 from ADSL line to A.B.C.253... port 25
0
 

Author Comment

by:zorba111
ID: 35094905
@tgultekin
there is only an ADSL port on the Draytek, no seperate WAN port...
0
 

Assisted Solution

by:zorba111
zorba111 earned 0 total points
ID: 35095513
I think I know what was missing!!

The router didn't know that it was acting as an access point for a RANGE of IP addresses, it thought it was only acting as ONE IP address (the router IP address X.Y.Z.198).

In the router config pages:

Internet Access > PPPoE / PPPoA > IP Address From ISP > WAN IP Alias > <fill in all the other static IPs!!>

As the manual says:

WAN IP Alias - If you have multiple public IP addresses and
would like to utilize them on the WAN interface, please use WAN
IP Alias. You can set up to 8 public IP addresses other than the
current one you are using.

I added in the other static IP addresses that we are leasing from our ISP, including the one that our mailserver is using, and lo and behold! mail started arriving in our inboxes !!!

ONe question, should I tick the box "Join NAT IP Pool" at the end of each line in the "WAN IP Alias" field ?
0
 

Assisted Solution

by:tgultekin
tgultekin earned 250 total points
ID: 35096415
@zorba111: No you don't have to select "Join NAT IP Pool".
Having that box enabled randomises the outgoing IP address from the pool.
If you are using MultiNAT, multiple port forwards,LAN users could have problems with banking or other high security sites.
0
 

Author Comment

by:zorba111
ID: 35198884
@tgultekin

I didn't want to change this setting as things seemed to be working "if it ain't broke don't fix it" IIABDFI ? lol.
As it happens we did start to have problems with a banking site after switching routers. I remembered this last post (but not your explicit warning about banking sites - my bad), so came back to it and discovered your solution. So many thanks....

note to self... MultiNAT is mapping internal IP addresses (...NAT) to >1 (...multi) external IP addresses.

see also:
http://www.draytek.co.uk/support/kb_vigor_multinat.html
0
 

Author Closing Comment

by:zorba111
ID: 35230046
tagged my own answer as I got there on my own largely, but others comments helped my overall understanding. Especially tgultekin who helped prevent another problem that arose that wasn't anticipated in the original problem.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now