Solved

Changing exch 2010 server from a private IP to a Public IP. Exchange management console errors out.

Posted on 2013-06-06
11
312 Views
Last Modified: 2013-06-07
I had my exchange up and working on a dynamic public IP with port forwarding (HTTPS + SMTP) to my private IP on my ATT Uverse residential router.  ATT uverse residential routers do not allow for NAT mapping of a public to a private so you need to put the public IP directly on the NIC.  I was warned I may be blacklisted due to having a dynamic IP so I went ahead and switched to a pool of 5 usable static public IPs.  I turned off the static private IP on the NIC of my Exchange server so I could assign the public IP.  

It now has the public IP but now the exchange console will not load.  I get the error in the screen shot. (First SS)

I added my static IP subnet to AD sites and services (Second SS) but no luck.

I did the above because http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/e506edbb-788c-4eb9-8525-f252e78e3044 forum mentioned it.

Thanks.
exch.PNG
AD.PNG
0
Comment
Question by:OHarrisNetworks
  • 6
  • 3
  • 2
11 Comments
 
LVL 15

Accepted Solution

by:
jrhelgeson earned 300 total points
Comment Utility
You need to make the changes in your DNS server. Update all the former IP addresses to the new one, then restart the services.
0
 

Author Comment

by:OHarrisNetworks
Comment Utility
Sorry, restart what services?
0
 
LVL 15

Expert Comment

by:jrhelgeson
Comment Utility
Reboot the server, or restart all the exchange services.
0
 

Author Comment

by:OHarrisNetworks
Comment Utility
Rebooted DC and restarted Child exchange server.  Still no luck.
dns.PNG
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 200 total points
Comment Utility
I wouldn't put the public IP address directly on the server.
If you have to pass through the data directly, then you should put a router in to do the work for you. A cable router would be ideal, as it has an Ethernet port for the WAN side.

Another option would be an old piece of hardware and something like pfsense or monowall. It would need two NICs. If you are using VMWARE or HyperV then you could install those in to a VM.

I haven't put external IP addresses directly on a server since about 1999.

Simon.
0
Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

 
LVL 15

Expert Comment

by:jrhelgeson
Comment Utility
You're puting the dns in the wrong place. You need to update the A record in the oharris.local Zone.
0
 

Author Comment

by:OHarrisNetworks
Comment Utility
This is my forward lookup zone.
dns2.PNG
0
 

Author Comment

by:OHarrisNetworks
Comment Utility
Simon, from what I've ready other hardware (routers +firewalls)do not play nice with the 2wire router from uverse residential.
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 200 total points
Comment Utility
If they are sending the external IP address straight through to the internal interface there should be no problem with putting a router behind it - that is what I would expect they are expecting you to do. Directly exposing the server to the internet in that way is considered a major security issue.

Not being in the USA, the uvrese residential service is not something I have any experience with.

Simon.
0
 

Author Comment

by:OHarrisNetworks
Comment Utility
http://www.ka9q.net/Uverse/nat.html

I could be reading this wrong but I will give it a shot!
0
 

Author Closing Comment

by:OHarrisNetworks
Comment Utility
I reverted back to a private IP with port forwarding from my gateway, after reboots and changing DNS back I atleast got my exchange server up.  Thanks guys/gals!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
how to add IIS SMTP to handle application/Scanner relays into office 365.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now