Solved

Changing exch 2010 server from a private IP to a Public IP. Exchange management console errors out.

Posted on 2013-06-06
11
320 Views
Last Modified: 2013-06-07
I had my exchange up and working on a dynamic public IP with port forwarding (HTTPS + SMTP) to my private IP on my ATT Uverse residential router.  ATT uverse residential routers do not allow for NAT mapping of a public to a private so you need to put the public IP directly on the NIC.  I was warned I may be blacklisted due to having a dynamic IP so I went ahead and switched to a pool of 5 usable static public IPs.  I turned off the static private IP on the NIC of my Exchange server so I could assign the public IP.  

It now has the public IP but now the exchange console will not load.  I get the error in the screen shot. (First SS)

I added my static IP subnet to AD sites and services (Second SS) but no luck.

I did the above because http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/e506edbb-788c-4eb9-8525-f252e78e3044 forum mentioned it.

Thanks.
exch.PNG
AD.PNG
0
Comment
Question by:OHarrisNetworks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 2
11 Comments
 
LVL 15

Accepted Solution

by:
jrhelgeson earned 300 total points
ID: 39226353
You need to make the changes in your DNS server. Update all the former IP addresses to the new one, then restart the services.
0
 

Author Comment

by:OHarrisNetworks
ID: 39226596
Sorry, restart what services?
0
 
LVL 15

Expert Comment

by:jrhelgeson
ID: 39226712
Reboot the server, or restart all the exchange services.
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 

Author Comment

by:OHarrisNetworks
ID: 39227223
Rebooted DC and restarted Child exchange server.  Still no luck.
dns.PNG
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 200 total points
ID: 39227393
I wouldn't put the public IP address directly on the server.
If you have to pass through the data directly, then you should put a router in to do the work for you. A cable router would be ideal, as it has an Ethernet port for the WAN side.

Another option would be an old piece of hardware and something like pfsense or monowall. It would need two NICs. If you are using VMWARE or HyperV then you could install those in to a VM.

I haven't put external IP addresses directly on a server since about 1999.

Simon.
0
 
LVL 15

Expert Comment

by:jrhelgeson
ID: 39227436
You're puting the dns in the wrong place. You need to update the A record in the oharris.local Zone.
0
 

Author Comment

by:OHarrisNetworks
ID: 39227495
This is my forward lookup zone.
dns2.PNG
0
 

Author Comment

by:OHarrisNetworks
ID: 39227505
Simon, from what I've ready other hardware (routers +firewalls)do not play nice with the 2wire router from uverse residential.
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 200 total points
ID: 39228452
If they are sending the external IP address straight through to the internal interface there should be no problem with putting a router behind it - that is what I would expect they are expecting you to do. Directly exposing the server to the internet in that way is considered a major security issue.

Not being in the USA, the uvrese residential service is not something I have any experience with.

Simon.
0
 

Author Comment

by:OHarrisNetworks
ID: 39228722
http://www.ka9q.net/Uverse/nat.html

I could be reading this wrong but I will give it a shot!
0
 

Author Closing Comment

by:OHarrisNetworks
ID: 39229037
I reverted back to a private IP with port forwarding from my gateway, after reboots and changing DNS back I atleast got my exchange server up.  Thanks guys/gals!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question