Changing exch 2010 server from a private IP to a Public IP. Exchange management console errors out.

I had my exchange up and working on a dynamic public IP with port forwarding (HTTPS + SMTP) to my private IP on my ATT Uverse residential router.  ATT uverse residential routers do not allow for NAT mapping of a public to a private so you need to put the public IP directly on the NIC.  I was warned I may be blacklisted due to having a dynamic IP so I went ahead and switched to a pool of 5 usable static public IPs.  I turned off the static private IP on the NIC of my Exchange server so I could assign the public IP.  

It now has the public IP but now the exchange console will not load.  I get the error in the screen shot. (First SS)

I added my static IP subnet to AD sites and services (Second SS) but no luck.

I did the above because http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/e506edbb-788c-4eb9-8525-f252e78e3044 forum mentioned it.

Thanks.
exch.PNG
AD.PNG
OHarrisNetworksAsked:
Who is Participating?
 
jrhelgesonConnect With a Mentor Commented:
You need to make the changes in your DNS server. Update all the former IP addresses to the new one, then restart the services.
0
 
OHarrisNetworksAuthor Commented:
Sorry, restart what services?
0
 
jrhelgesonCommented:
Reboot the server, or restart all the exchange services.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
OHarrisNetworksAuthor Commented:
Rebooted DC and restarted Child exchange server.  Still no luck.
dns.PNG
0
 
Simon Butler (Sembee)Connect With a Mentor ConsultantCommented:
I wouldn't put the public IP address directly on the server.
If you have to pass through the data directly, then you should put a router in to do the work for you. A cable router would be ideal, as it has an Ethernet port for the WAN side.

Another option would be an old piece of hardware and something like pfsense or monowall. It would need two NICs. If you are using VMWARE or HyperV then you could install those in to a VM.

I haven't put external IP addresses directly on a server since about 1999.

Simon.
0
 
jrhelgesonCommented:
You're puting the dns in the wrong place. You need to update the A record in the oharris.local Zone.
0
 
OHarrisNetworksAuthor Commented:
This is my forward lookup zone.
dns2.PNG
0
 
OHarrisNetworksAuthor Commented:
Simon, from what I've ready other hardware (routers +firewalls)do not play nice with the 2wire router from uverse residential.
0
 
Simon Butler (Sembee)Connect With a Mentor ConsultantCommented:
If they are sending the external IP address straight through to the internal interface there should be no problem with putting a router behind it - that is what I would expect they are expecting you to do. Directly exposing the server to the internet in that way is considered a major security issue.

Not being in the USA, the uvrese residential service is not something I have any experience with.

Simon.
0
 
OHarrisNetworksAuthor Commented:
http://www.ka9q.net/Uverse/nat.html

I could be reading this wrong but I will give it a shot!
0
 
OHarrisNetworksAuthor Commented:
I reverted back to a private IP with port forwarding from my gateway, after reboots and changing DNS back I atleast got my exchange server up.  Thanks guys/gals!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.