Solved

SSL Certs and IP addresses?

Posted on 2013-11-04
8
183 Views
Last Modified: 2013-11-14
We have 2x sites with an exchange 2010 box @ each site.  ASite A and B

Site A has all production mailboxes, site B has none but both are configured the same settings in case we need to utilise site B.

Both have the same CAS and SSL cert installed.  We believe the server at site b is accepting the SSL EAS requests.

I want to either force production server to handle these requests.

Can i achive this?  Where does the external IP address (in our case a firewall) reside?  In the SSL cert or exchange?

Thanks
0
Comment
Question by:CHI-LTD
  • 5
  • 3
8 Comments
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39621280
To confirm on a test i see:

      The Microsoft Connectivity Analyzer is testing Exchange ActiveSync.
       Exchange ActiveSync was tested successfully.
       
      Additional Details
       
Elapsed Time: 9815 ms.
       
      Test Steps
       
      Attempting to resolve the host name mail.domain.co.uk in DNS.
       The host name resolved successfully.
       
      Additional Details
       
IP addresses returned: external IP address Site A, External IP address Site B
Elapsed Time: 124 ms.
0
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39621286
You need to check with your network team if any Load Balancer is configured to route the traffic to Site B, in that case it need to be blocked
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39621293
There isnt.  Both are in the same domain, over a VPN connection.
Trying to find out where the external ip addresses are stored?  SSL cert?  DNS?
0
 
LVL 14

Accepted Solution

by:
Ram Balachandran earned 500 total points
ID: 39621301
It  will be in router and then accessed by DNS
0
 
LVL 14

Assisted Solution

by:Ram Balachandran
Ram Balachandran earned 500 total points
ID: 39621311
Also, external IP address will be with Vendor/Service Provider from where you purchased IP addresss .  
Outside DNS will need to point to the address your ISP has given you on the outside.

Your MX Record needs to be the server that is going to receive your emails, in your case if GoDaddy is going to receive it and forward it to you, then it should be their IP Address and GoDaddy folks needs to be provided the internet facing IP of your firewall / router

Refer :

http://forums.msexchange.org/Which_IP_address_to_be_used_in_Exchange_server_(_External_IP_or_Internal_IP_)_%3F/m_1800562438/tm.htm
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39621324
ah yes, DNS on our domain....

With 123reg..
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39621349
Is there a way to prioritise the way in which EAS on device setup accesses mail.domain.com from external into our network(s) as it seems to be talking to the backup server?
Must be site a then site b.
0
 
LVL 1

Author Closing Comment

by:CHI-LTD
ID: 39648463
found that there was a dns entry in there for the 2nd server which couldnt then connect to the other exchange server...
0

Join & Write a Comment

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now