Exchange 2010 - Secondary NIC preference and DNS Registration problem

Hello All,

I have a Windows 2008R2 64-bit server running Exchange 2010 utilizing two NICs. NIC1 is on the inside and NIC2 receives MAPI and OWA connections from the outside. I've had a terrible time with the server and clients preferring the outside NIC over the inside NIC.

When I first set up the server I was getting two internal DNS entries for my Exchange server. My clients seemed to prefer connecting to the entry for NIC2 and, because of a static route in my firewall, would time out and only then connect to NIC1, which obviously slowed down access time and generated lots of calls.

Things I've tried:
-changed the Interface Metric to 10 on NIC2
-took the check out of "Register this connection's addresses in DNS"

NIC2 was still registering in DNS and my workstations were still preferring to use it.

Next I tried:
-disabling NIC2 and adding a second IP to NIC1

Same problem. My outside address was still registering and my workstation preferred to try it first.

So I removed the second address on NIC1, went back to NIC2 and ran:
-Netsh int ipv4 add address <Interface Name> <ip address> skipassource=true

Now this finally put a stop to NIC2 registering in DNS, and after I flushed everybody's cache and deleted NIC2 from all my DNS servers, all seemed fine.

However, now I seem to be having a new problem. My Exchange server cannot ping several WAN DC servers unless I disable NIC2 (obviously because NIC2 does not have a DNS entry due to the Netsh command above), which is kicking up errors like the one below in the Application Event Viewer.

Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1852). Exchange Active Directory Provider is unable to connect to the Domain Controller server.domain.com although its service location (SRV) resource record was found in the DNS
 The query was for the SRV record for _ldap._tcp.dc._msdcs.domain.com
 The following domain controllers were identified by the query:
server1.domain.com
server2.domain.com
server3.domain.com
server4.domain.com
server5.domain.com
server6.domain.com

 Common causes of this error include:
 - Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses.
 - Domain controllers registered in DNS are not connected to the network or are not running.
 For information about correcting this problem,  Type in the command line:
hh tcpip.chm::/sag_DNS_tro_dcLocator_messageHa.htm    

I can't ping them either.
     
If I disable NIC2, communications immediately function fine. I can't seem to figure out why at every turn NIC2, or its address, seems to be preferred.

Any help would be great
Thanks
Eric
bwask Asked:

James H (IT Director) Commented:
Have you set your adapters and bindings correctly?
If you go into Network and Internet --> Change adapter settings
On the top menu bar, click on Advanced and Advanced Settings
Under the Adapters and Bindings, ensure that your preferred NIC is listed first.
bwask (Author) Commented:
Thanks Spartan,

I had to Google how to get the advanced function menu to pop up (why Microsoft decided to hide it is beyond me). Anyway, yes, the binding order had NIC2 at the top of the list. I changed it. Is it immediate, or do I need to reboot the mail server? It still can't ping those servers unless I disable NIC2.

Thanks
Eric
James H (IT Director) Commented:
I would reboot.
What was the reason behind setting up two NICs? The NAT of the firewall should be enough to handle external access to an internal IP.
bwask (Author) Commented:
Hello,

I rebooted the server last night; unfortunately it is still preferring to use NIC2 for 3 of my WAN sites. And again, as soon as I disable NIC2 it functions properly. If I re-enable it mid ping I'll get:
PING: transmit failed. General Failure.
And of course when I run ping again I get:
Ping request could not find host computername. Please check the name and try again.
It won't even try to use NIC1.

Thanks
Eric
bwask (Author) Commented:
I think I fixed it,

The command that I mentioned above:
-Netsh int ipv4 add address <Interface Name> <ip address> skipassource=true
gave NIC2 a subnet of 255.255.0.0. NIC1 has a subnet of 255.255.255.0. As soon as I changed NIC2 to be like NIC1 all started working.

Thanks
Eric
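
An added illustration, not part of the original thread: a small Python model of IPv4 longest-prefix route selection, showing how a 255.255.0.0 mask on NIC2 can capture traffic that should leave through NIC1's gateway, plus a check for overlapping on-link subnets. All addresses are constructed; it assumes both NICs are numbered from the same /16, that only NIC1 has a default gateway, and that route metrics play no part.

```python
import ipaddress

def build_routes(interfaces):
    """One on-link route per address, plus a default route for each
    interface that has a gateway. Returns (network, interface, next_hop)."""
    routes = []
    for name, cfg in interfaces.items():
        iface = ipaddress.ip_interface(f"{cfg['ip']}/{cfg['mask']}")
        routes.append((iface.network, name, "on-link"))
        if cfg.get("gateway"):
            default = ipaddress.ip_network("0.0.0.0/0")
            routes.append((default, name, cfg["gateway"]))
    return routes

def egress(interfaces, dest):
    """Longest-prefix match: the most specific route containing dest wins.
    Metrics are not modelled (assumption of this example)."""
    dest = ipaddress.ip_address(dest)
    matches = [r for r in build_routes(interfaces) if dest in r[0]]
    _, name, hop = max(matches, key=lambda r: r[0].prefixlen)
    return name, hop

def overlapping_onlink(interfaces):
    """Pairs of interfaces whose directly connected subnets overlap."""
    nets = [(n, ipaddress.ip_interface(f"{c['ip']}/{c['mask']}").network)
            for n, c in interfaces.items()]
    return [(a, b) for i, (a, na) in enumerate(nets)
            for b, nb in nets[i + 1:] if na.overlaps(nb)]

# Constructed addressing, not taken from the thread.
BROKEN = {
    "NIC1": {"ip": "10.1.1.10", "mask": "255.255.255.0", "gateway": "10.1.1.1"},
    "NIC2": {"ip": "10.1.2.10", "mask": "255.255.0.0", "gateway": None},
}
# Same layout after NIC2's mask is changed to match NIC1's.
FIXED = {**BROKEN, "NIC2": {**BROKEN["NIC2"], "mask": "255.255.255.0"}}
WAN_DC = "10.1.50.5"  # constructed address of a domain controller at a WAN site

if __name__ == "__main__":
    for label, cfg in (("255.255.0.0 on NIC2", BROKEN),
                       ("255.255.255.0 on NIC2", FIXED)):
        print(label, "->", egress(cfg, WAN_DC),
              "overlaps:", overlapping_onlink(cfg))
```

With the /16 mask the WAN address looks directly attached to NIC2, so the host never hands the packet to NIC1's gateway; with the /24 mask only the default route matches.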
bwask (Author) Commented:
I'm accepting my solution because that's what fixed it. Thanks for the help everybody.