Solved

What settings (forwards) in my router need to be setup for Exchange 2013?

Posted on 2014-07-25
9
130 Views
Last Modified: 2014-08-07
Hi,

We have configured an Exchange2013 server and are moving the MX, A, and OWA records. What forwards need to be setup in our router in order for the External records to communicate to the server? (If any)
0
Comment
Question by:JRome225
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 25

Expert Comment

by:-MAS
ID: 40220798
Do you mean you upgraded old exchange to exchange2013?
Please elaborate. I am not clear
0
 
LVL 1

Author Comment

by:JRome225
ID: 40220801
No, we are bringing Exchange in house from Google Apps Mail.
0
 
LVL 25

Assisted Solution

by:-MAS
-MAS earned 250 total points
ID: 40220810
switch your MX records to Exchange public IP which is NATTED to the internal exchange server IP.
i.e. Change A record (e.g. mail.domain.com) IP to your in house exchange public IP.
When you change A record automatically MX will point to that IP.

You will access OWA with the same name. i.e. https://mail.domain.com/owa
To make sure it is working trying accessing OWA by public IP. (i.e https://168.187.252.212/owa)

Please check this as well
https://productforums.google.com/forum/#!topic/apps/2bDLammZoDI
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 77

Expert Comment

by:Rob Williams
ID: 40220818
Port forwards required are 25 for SMTP, to receive e-mail, and 443 for OWA.
0
 
LVL 1

Author Comment

by:JRome225
ID: 40220821
I changed the MX and am getting 403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.

Also changed the port forwarding on the router for OWA to 80/80 to the internal. Are there any other port forwards that need to be setup?
0
 
LVL 1

Author Comment

by:JRome225
ID: 40220822
Not using a certificate..
0
 
LVL 1

Author Comment

by:JRome225
ID: 40220832
But also getting the 403 internally.
0
 
LVL 25

Expert Comment

by:-MAS
ID: 40221228
You have to do a port forwarding for 443 - 443
By default exchange will install a certificate (as part of installation).
Access owa by https://mail.domain.com/owa

or disable SSL on IIS and try http://mail.domain.com/owa (not recommended)
To disable SSL open the IIS Manager.
Expand the Sites and click on Default Web site:
Click on SSL Setting icons from the list and disable the Require SSL.
0
 
LVL 27

Accepted Solution

by:
skullnobrains earned 250 total points
ID: 40221585
ports used by exchange (may not be exhaustive)

things you definitely need

smtp : port 25 (do not change the MXs until at the very least this works)
owa : 80/443 w/o SSL (i'm unsure owa can work without ssl)

things you might need
from here on port/port means w/o SSL
client mush be read as a software (ie NOT owa)

IMAP/MAPI : 143/993 outlook clients send and receive, receive only for other clients
LDAP : 389/636 any clients that use ldap address books (including outlook)


things you probably don't need
submission : not used by exchange but you may map 587 to 25
smtps : 465

...lots of other stuff available in exchange documentations
do no try allowing rpcs
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question