Solved

SSL Certs and IP addresses?

Posted on 2013-11-04
8
188 Views
Last Modified: 2013-11-14
We have 2x sites with an exchange 2010 box @ each site.  ASite A and B

Site A has all production mailboxes, site B has none but both are configured the same settings in case we need to utilise site B.

Both have the same CAS and SSL cert installed.  We believe the server at site b is accepting the SSL EAS requests.

I want to either force production server to handle these requests.

Can i achive this?  Where does the external IP address (in our case a firewall) reside?  In the SSL cert or exchange?

Thanks
0
Comment
Question by:CHI-LTD
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39621280
To confirm on a test i see:

      The Microsoft Connectivity Analyzer is testing Exchange ActiveSync.
       Exchange ActiveSync was tested successfully.
       
      Additional Details
       
Elapsed Time: 9815 ms.
       
      Test Steps
       
      Attempting to resolve the host name mail.domain.co.uk in DNS.
       The host name resolved successfully.
       
      Additional Details
       
IP addresses returned: external IP address Site A, External IP address Site B
Elapsed Time: 124 ms.
0
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39621286
You need to check with your network team if any Load Balancer is configured to route the traffic to Site B, in that case it need to be blocked
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39621293
There isnt.  Both are in the same domain, over a VPN connection.
Trying to find out where the external ip addresses are stored?  SSL cert?  DNS?
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 14

Accepted Solution

by:
Ram Balachandran earned 500 total points
ID: 39621301
It  will be in router and then accessed by DNS
0
 
LVL 14

Assisted Solution

by:Ram Balachandran
Ram Balachandran earned 500 total points
ID: 39621311
Also, external IP address will be with Vendor/Service Provider from where you purchased IP addresss .  
Outside DNS will need to point to the address your ISP has given you on the outside.

Your MX Record needs to be the server that is going to receive your emails, in your case if GoDaddy is going to receive it and forward it to you, then it should be their IP Address and GoDaddy folks needs to be provided the internet facing IP of your firewall / router

Refer :

http://forums.msexchange.org/Which_IP_address_to_be_used_in_Exchange_server_(_External_IP_or_Internal_IP_)_%3F/m_1800562438/tm.htm
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39621324
ah yes, DNS on our domain....

With 123reg..
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39621349
Is there a way to prioritise the way in which EAS on device setup accesses mail.domain.com from external into our network(s) as it seems to be talking to the backup server?
Must be site a then site b.
0
 
LVL 1

Author Closing Comment

by:CHI-LTD
ID: 39648463
found that there was a dns entry in there for the 2nd server which couldnt then connect to the other exchange server...
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
how to add IIS SMTP to handle application/Scanner relays into office 365.

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question