Solved

Changing exch 2010 server from a private IP to a Public IP. Exchange management console errors out.

Posted on 2013-06-06
11
313 Views
Last Modified: 2013-06-07
I had my exchange up and working on a dynamic public IP with port forwarding (HTTPS + SMTP) to my private IP on my ATT Uverse residential router.  ATT uverse residential routers do not allow for NAT mapping of a public to a private so you need to put the public IP directly on the NIC.  I was warned I may be blacklisted due to having a dynamic IP so I went ahead and switched to a pool of 5 usable static public IPs.  I turned off the static private IP on the NIC of my Exchange server so I could assign the public IP.  

It now has the public IP but now the exchange console will not load.  I get the error in the screen shot. (First SS)

I added my static IP subnet to AD sites and services (Second SS) but no luck.

I did the above because http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/e506edbb-788c-4eb9-8525-f252e78e3044 forum mentioned it.

Thanks.
exch.PNG
AD.PNG
0
Comment
Question by:OHarrisNetworks
  • 6
  • 3
  • 2
11 Comments
 
LVL 15

Accepted Solution

by:
jrhelgeson earned 300 total points
ID: 39226353
You need to make the changes in your DNS server. Update all the former IP addresses to the new one, then restart the services.
0
 

Author Comment

by:OHarrisNetworks
ID: 39226596
Sorry, restart what services?
0
 
LVL 15

Expert Comment

by:jrhelgeson
ID: 39226712
Reboot the server, or restart all the exchange services.
0
 

Author Comment

by:OHarrisNetworks
ID: 39227223
Rebooted DC and restarted Child exchange server.  Still no luck.
dns.PNG
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 200 total points
ID: 39227393
I wouldn't put the public IP address directly on the server.
If you have to pass through the data directly, then you should put a router in to do the work for you. A cable router would be ideal, as it has an Ethernet port for the WAN side.

Another option would be an old piece of hardware and something like pfsense or monowall. It would need two NICs. If you are using VMWARE or HyperV then you could install those in to a VM.

I haven't put external IP addresses directly on a server since about 1999.

Simon.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 15

Expert Comment

by:jrhelgeson
ID: 39227436
You're puting the dns in the wrong place. You need to update the A record in the oharris.local Zone.
0
 

Author Comment

by:OHarrisNetworks
ID: 39227495
This is my forward lookup zone.
dns2.PNG
0
 

Author Comment

by:OHarrisNetworks
ID: 39227505
Simon, from what I've ready other hardware (routers +firewalls)do not play nice with the 2wire router from uverse residential.
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 200 total points
ID: 39228452
If they are sending the external IP address straight through to the internal interface there should be no problem with putting a router behind it - that is what I would expect they are expecting you to do. Directly exposing the server to the internet in that way is considered a major security issue.

Not being in the USA, the uvrese residential service is not something I have any experience with.

Simon.
0
 

Author Comment

by:OHarrisNetworks
ID: 39228722
http://www.ka9q.net/Uverse/nat.html

I could be reading this wrong but I will give it a shot!
0
 

Author Closing Comment

by:OHarrisNetworks
ID: 39229037
I reverted back to a private IP with port forwarding from my gateway, after reboots and changing DNS back I atleast got my exchange server up.  Thanks guys/gals!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now