Solved

Cannot telnet 25 to Exchange 2010 "Could not open connection to host on port 25. Connect Failed"

Posted on 2011-09-22
14
3,397 Views
Last Modified: 2012-05-12
I am setting up a new Exchange 2010 server.  Everything seems to be working properly except for incoming mail.  Telnet to port 25 fails to connect from outside. From inside it connects but "rcpt to" command returns an "Unable to relay".  
0
Comment
Question by:MarkSnark1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 7
14 Comments
 
LVL 49

Expert Comment

by:Akhater
ID: 36581502
if it not working from outside then you need to fix your firewall

on your firewall you should port forward port 25 from the public IP to the ip of your exchange server
0
 

Author Comment

by:MarkSnark1
ID: 36581676
It is.
0
 
LVL 49

Expert Comment

by:Akhater
ID: 36581685
if it is not replying from outside then you have something wrong in your routing or your firewall configuration
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:MarkSnark1
ID: 36581744
It is a simple little Linksys router and  port 25 is forwarded to the Exchange server.  In addition port 443 is forwarded to the Exchange Server and the OWA works.  I have a new router I can put in place.  Is there anyother way to test the current router?  If not I will swap it out.
0
 
LVL 49

Expert Comment

by:Akhater
ID: 36581772
is the default gateway of your exchange server your linksys routner?
0
 

Author Comment

by:MarkSnark1
ID: 36581799
Yes, the Exchange server is on a Hyper-V Windows 2008 r2 virtual server and the default gateway is the Linksys router.
0
 
LVL 49

Expert Comment

by:Akhater
ID: 36581806
well you need to recheck your linksys config then

your exchange server has only one IP ?
0
 

Author Comment

by:MarkSnark1
ID: 36581832
The Exchange has only one ip.  I am not sure I have the recieve connectors configured properly.  If the recieve connector is wrong would it cause the telnet to port 25 connection to fail?  
0
 
LVL 49

Expert Comment

by:Akhater
ID: 36581843
exactly the point, if you are able to telnet from inside there is no reason (unless a routing issue)  for you not to be able to telnet from outside.

anyway please run get-receiveconnector | fl and post the results please
0
 

Author Comment

by:MarkSnark1
ID: 36581929
Identity                                Bindings                                Enabled
--------                                --------                                -------
FA-VMX\ReciveConnectorFromInternet      {192.168.1.15:25, 0.0.0.0:25}           True
FA-VMX\Client FA-VMX                    {:::587, 0.0.0.0:587}                   True
FA-VMX\From Internal Org                {192.168.1.15:25}                       True
[PS] C:\Windows\system32>get-receiveconnector |fl

RunspaceId                              : f5286908-3b52-4da4-ace8-22c313371b97
AuthMechanism                           : Tls, ExternalAuthoritative
Banner                                  :
BinaryMimeEnabled                       : True
Bindings                                : {192.168.1.15:25, 0.0.0.0:25}
ChunkingEnabled                         : True
DefaultDomain                           :
DeliveryStatusNotificationEnabled       : True
EightBitMimeEnabled                     : True
BareLinefeedRejectionEnabled            : False
DomainSecureEnabled                     : False
EnhancedStatusCodesEnabled              : True
LongAddressesEnabled                    : False
OrarEnabled                             : False
SuppressXAnonymousTls                   : False
AdvertiseClientSettings                 : False
Fqdn                                    : FA-Vmx.fa.local
Comment                                 :
Enabled                                 : True
ConnectionTimeout                       : 00:10:00
ConnectionInactivityTimeout             : 00:05:00
MessageRateLimit                        : unlimited
MessageRateSource                       : IPAddress
MaxInboundConnection                    : 5000
MaxInboundConnectionPerSource           : unlimited
MaxInboundConnectionPercentagePerSource : 100
MaxHeaderSize                           : 64 KB (65,536 bytes)
MaxHopCount                             : 60
MaxLocalHopCount                        : 12
MaxLogonFailures                        : 3
MaxMessageSize                          : 10 MB (10,485,760 bytes)
MaxProtocolErrors                       : 5
MaxRecipientsPerMessage                 : 5000
PermissionGroups                        : AnonymousUsers, ExchangeUsers, ExchangeServers, ExchangeLegacyServers
PipeliningEnabled                       : True
ProtocolLoggingLevel                    : None
RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
RequireEHLODomain                       : False
RequireTLS                              : False
EnableAuthGSSAPI                        : False
ExtendedProtectionPolicy                : None
LiveCredentialEnabled                   : False
TlsDomainCapabilities                   : {}
Server                                  : FA-VMX
SizeEnabled                             : EnabledWithoutValue
TarpitInterval                          : 00:00:05
MaxAcknowledgementDelay                 : 00:00:30
AdminDisplayName                        :
ExchangeVersion                         : 0.1 (8.0.535.0)
Name                                    : ReciveConnectorFromInternet
DistinguishedName                       : CN=ReciveConnectorFromInternet,CN=SMTP Receive Connectors,CN=Protocols,CN=FA-
                                          VMX,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administ
                                          rative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Conf
                                          iguration,DC=fa,DC=local
Identity                                : FA-VMX\ReciveConnectorFromInternet
Guid                                    : a5e5a9fd-f460-4b4c-9803-7629cf5b3517
ObjectCategory                          : fa.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass                             : {top, msExchSmtpReceiveConnector}
WhenChanged                             : 9/22/2011 11:07:15 AM
WhenCreated                             : 8/24/2011 4:03:45 PM
WhenChangedUTC                          : 9/22/2011 4:07:15 PM
WhenCreatedUTC                          : 8/24/2011 9:03:45 PM
OrganizationId                          :
OriginatingServer                       : server4.fa.local
IsValid                                 : True

RunspaceId                              : f5286908-3b52-4da4-ace8-22c313371b97
AuthMechanism                           : Tls, Integrated, BasicAuth, BasicAuthRequireTLS
Banner                                  :
BinaryMimeEnabled                       : True
Bindings                                : {:::587, 0.0.0.0:587}
ChunkingEnabled                         : True
DefaultDomain                           :
DeliveryStatusNotificationEnabled       : True
EightBitMimeEnabled                     : True
BareLinefeedRejectionEnabled            : False
DomainSecureEnabled                     : False
EnhancedStatusCodesEnabled              : True
LongAddressesEnabled                    : False
OrarEnabled                             : False
SuppressXAnonymousTls                   : False
AdvertiseClientSettings                 : False
Fqdn                                    : FA-Vmx.fa.local
Comment                                 :
Enabled                                 : True
ConnectionTimeout                       : 00:10:00
ConnectionInactivityTimeout             : 00:05:00
MessageRateLimit                        : 5
MessageRateSource                       : User
MaxInboundConnection                    : 5000
MaxInboundConnectionPerSource           : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize                           : 64 KB (65,536 bytes)
MaxHopCount                             : 60
MaxLocalHopCount                        : 12
MaxLogonFailures                        : 3
MaxMessageSize                          : 10 MB (10,485,760 bytes)
MaxProtocolErrors                       : 5
MaxRecipientsPerMessage                 : 200
PermissionGroups                        : ExchangeUsers
PipeliningEnabled                       : True
ProtocolLoggingLevel                    : None
RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
RequireEHLODomain                       : False
RequireTLS                              : False
EnableAuthGSSAPI                        : True
ExtendedProtectionPolicy                : None
LiveCredentialEnabled                   : False
TlsDomainCapabilities                   : {}
Server                                  : FA-VMX
SizeEnabled                             : Enabled
TarpitInterval                          : 00:00:05
MaxAcknowledgementDelay                 : 00:00:30
AdminDisplayName                        :
ExchangeVersion                         : 0.1 (8.0.535.0)
Name                                    : Client FA-VMX
DistinguishedName                       : CN=Client FA-VMX,CN=SMTP Receive Connectors,CN=Protocols,CN=FA-VMX,CN=Servers
                                          ,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,
                                          CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=f
                                          a,DC=local
Identity                                : FA-VMX\Client FA-VMX
Guid                                    : 4d45e5f4-f94c-432f-b8d5-5391bb8669d7
ObjectCategory                          : fa.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass                             : {top, msExchSmtpReceiveConnector}
WhenChanged                             : 8/24/2011 4:03:46 PM
WhenCreated                             : 8/24/2011 4:03:46 PM
WhenChangedUTC                          : 8/24/2011 9:03:46 PM
WhenCreatedUTC                          : 8/24/2011 9:03:46 PM
OrganizationId                          :
OriginatingServer                       : server4.fa.local
IsValid                                 : True

RunspaceId                              : f5286908-3b52-4da4-ace8-22c313371b97
AuthMechanism                           : Tls, BasicAuth, BasicAuthRequireTLS, ExchangeServer
Banner                                  :
BinaryMimeEnabled                       : True
Bindings                                : {192.168.1.15:25}
ChunkingEnabled                         : True
DefaultDomain                           :
DeliveryStatusNotificationEnabled       : True
EightBitMimeEnabled                     : True
BareLinefeedRejectionEnabled            : False
DomainSecureEnabled                     : False
EnhancedStatusCodesEnabled              : True
LongAddressesEnabled                    : False
OrarEnabled                             : False
SuppressXAnonymousTls                   : False
AdvertiseClientSettings                 : False
Fqdn                                    : FA-VMX.fa.local
Comment                                 :
Enabled                                 : True
ConnectionTimeout                       : 00:10:00
ConnectionInactivityTimeout             : 00:05:00
MessageRateLimit                        : unlimited
MessageRateSource                       : IPAddress
MaxInboundConnection                    : 5000
MaxInboundConnectionPerSource           : 20
MaxInboundConnectionPercentagePerSource : 100
MaxHeaderSize                           : 64 KB (65,536 bytes)
MaxHopCount                             : 60
MaxLocalHopCount                        : 12
MaxLogonFailures                        : 3
MaxMessageSize                          : 10 MB (10,485,760 bytes)
MaxProtocolErrors                       : 5
MaxRecipientsPerMessage                 : 200
PermissionGroups                        : ExchangeServers, ExchangeLegacyServers
PipeliningEnabled                       : True
ProtocolLoggingLevel                    : None
RemoteIPRanges                          : {192.168.1.15}
RequireEHLODomain                       : False
RequireTLS                              : False
EnableAuthGSSAPI                        : False
ExtendedProtectionPolicy                : None
LiveCredentialEnabled                   : False
TlsDomainCapabilities                   : {}
Server                                  : FA-VMX
SizeEnabled                             : EnabledWithoutValue
TarpitInterval                          : 00:00:05
MaxAcknowledgementDelay                 : 00:00:30
AdminDisplayName                        :
ExchangeVersion                         : 0.1 (8.0.535.0)
Name                                    : From Internal Org
DistinguishedName                       : CN=From Internal Org,CN=SMTP Receive Connectors,CN=Protocols,CN=FA-VMX,CN=Ser
                                          vers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Gro
                                          ups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,
                                          DC=fa,DC=local
Identity                                : FA-VMX\From Internal Org
Guid                                    : 89d129c6-0799-4090-9907-b8805573ca63
ObjectCategory                          : fa.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass                             : {top, msExchSmtpReceiveConnector}
WhenChanged                             : 9/16/2011 2:32:15 PM
WhenCreated                             : 9/16/2011 2:29:38 PM
WhenChangedUTC                          : 9/16/2011 7:32:15 PM
WhenCreatedUTC                          : 9/16/2011 7:29:38 PM
OrganizationId                          :
OriginatingServer                       : server4.fa.local
IsValid                                 : True
0
 
LVL 49

Expert Comment

by:Akhater
ID: 36582875
that's looks correct

can you please try to disable the "From Internal Org" connector and try again from outside ?
0
 

Author Comment

by:MarkSnark1
ID: 36583297
I disabled the From Internal Org, rebooted the server and I am still recieving the following message when telnet remote.x.org 25.

I also swapped out the router/firewall with a brand new router.


C:\Users\XXXXXXXX>telnet remote.x.org 25
Connecting To remote.X.org...Could not open connection to the host, on port 25: Connect failed

C:\Users\xxxxxxx>
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 36585208
ok you have only one connector "ReciveConnectorFromInternet" enabled and it is listening to the port 25 and the remote IP range is 0.0.0.0 so it should reply to smtp without any issues unless you have something blocking.


the port forwarding is made on 192.168.1.15 ??

Also please disable windows firewall and test again.

Finally totally disable any 3rd party firewall and or anti virus that you have on the server that might be blocking smtp traffic
0
 

Author Closing Comment

by:MarkSnark1
ID: 36709673
Thank you for your help
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In-place Upgrading Dirsync to Azure AD Connect
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses
Course of the Month7 days, 17 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question