Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 328
  • Last Modified:

Changing exch 2010 server from a private IP to a Public IP. Exchange management console errors out.

I had my exchange up and working on a dynamic public IP with port forwarding (HTTPS + SMTP) to my private IP on my ATT Uverse residential router.  ATT uverse residential routers do not allow for NAT mapping of a public to a private so you need to put the public IP directly on the NIC.  I was warned I may be blacklisted due to having a dynamic IP so I went ahead and switched to a pool of 5 usable static public IPs.  I turned off the static private IP on the NIC of my Exchange server so I could assign the public IP.  

It now has the public IP but now the exchange console will not load.  I get the error in the screen shot. (First SS)

I added my static IP subnet to AD sites and services (Second SS) but no luck.

I did the above because http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/e506edbb-788c-4eb9-8525-f252e78e3044 forum mentioned it.

Thanks.
exch.PNG
AD.PNG
0
OHarrisNetworks
Asked:
OHarrisNetworks
  • 6
  • 3
  • 2
3 Solutions
 
jrhelgesonCommented:
You need to make the changes in your DNS server. Update all the former IP addresses to the new one, then restart the services.
0
 
OHarrisNetworksAuthor Commented:
Sorry, restart what services?
0
 
jrhelgesonCommented:
Reboot the server, or restart all the exchange services.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
OHarrisNetworksAuthor Commented:
Rebooted DC and restarted Child exchange server.  Still no luck.
dns.PNG
0
 
Simon Butler (Sembee)ConsultantCommented:
I wouldn't put the public IP address directly on the server.
If you have to pass through the data directly, then you should put a router in to do the work for you. A cable router would be ideal, as it has an Ethernet port for the WAN side.

Another option would be an old piece of hardware and something like pfsense or monowall. It would need two NICs. If you are using VMWARE or HyperV then you could install those in to a VM.

I haven't put external IP addresses directly on a server since about 1999.

Simon.
0
 
jrhelgesonCommented:
You're puting the dns in the wrong place. You need to update the A record in the oharris.local Zone.
0
 
OHarrisNetworksAuthor Commented:
This is my forward lookup zone.
dns2.PNG
0
 
OHarrisNetworksAuthor Commented:
Simon, from what I've ready other hardware (routers +firewalls)do not play nice with the 2wire router from uverse residential.
0
 
Simon Butler (Sembee)ConsultantCommented:
If they are sending the external IP address straight through to the internal interface there should be no problem with putting a router behind it - that is what I would expect they are expecting you to do. Directly exposing the server to the internet in that way is considered a major security issue.

Not being in the USA, the uvrese residential service is not something I have any experience with.

Simon.
0
 
OHarrisNetworksAuthor Commented:
http://www.ka9q.net/Uverse/nat.html

I could be reading this wrong but I will give it a shot!
0
 
OHarrisNetworksAuthor Commented:
I reverted back to a private IP with port forwarding from my gateway, after reboots and changing DNS back I atleast got my exchange server up.  Thanks guys/gals!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 6
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now