Solved

2007 exchange server configuration

Posted on 2014-11-05
11
104 Views
Last Modified: 2014-11-15
I'm working with 2007 Exchange Server installed on a server with MS Server 2008 R2. It is the only server for a small business, so Edge is not installed. They need to use it for email & a shared calendar. I set up A & MX records on GoDaddy (domain host). I created a SSL certificate on Digicert & installed it through Exchange Management Shell. I can't get the email to work. MXlookup says email is ready but the SSL is not  working & there's a DNS mismatch. I receive an error when trying to set up the email account in Outlook that says it can't be completed because the server is offline. I can ping by the FQDN of the Hub Transport Receive Connector.
Do I need to set up A, MX, Forward & Reverse DNS records on the server also? The current records there use the MS server IP address & the Exchange uses the Firewall IP address. What address should I use if I create new records there? Do I have to configure differently for LAN & remote users? The exchange FQDN is mail."MyDomain".com. That's what I used on both local & remote setup with the same failure. Also, under "domain".local in the DNS Manager, there are only 3 of the 6 computers listed with their own IP address & FQDN. I manually added the others in the AD because they kept losing their trust relationship. I wonder if something was missed in the original configuration that is causing this difficulty.
0
Comment
Question by:Albatross1953
  • 5
  • 4
  • 2
11 Comments
 
LVL 1

Assisted Solution

by:IntMediaNet
IntMediaNet earned 250 total points
ID: 40424572
A record on the internal DNS, no need for the MX internally - did you 1 to 1 forward the IP in the firewall to the exchange server ?
I would recommend a separate IP for the Exchange Server then I to I NAT the address.
in 2007 EMC did you assign SMTP, IIS to the cercificate ?
Andrew
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 250 total points
ID: 40424887
You need to ensure that the name on the SSL certificate resolves internally as well as externally.
By default Exchange will be using the internal of the server, which will generate the SSL mismatch errors.
Easily resolved though http://semb.ee/hosnames2007

Simon.
0
 

Author Comment

by:Albatross1953
ID: 40425330
IntMediaNet: What do you mean by 1 to 1?

Simon: That link redirects to whatis:semb.ee;  How else can the name on the certificate be changed?
0
Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40425717
0
 

Author Comment

by:Albatross1953
ID: 40428791
Do I need to use the 2nd WAN port to have a separate IP address for the Exchange Server?
0
 
LVL 1

Expert Comment

by:IntMediaNet
ID: 40428994
your ISP would be the one to provide you with a  block of IP addresses, other wise you will need to use port forwarding to get mail to route to your mail server.
0
 

Author Comment

by:Albatross1953
ID: 40429073
They have an extra IP address. I just don't  understand how to assign the IP to the exchange server when it is installed on a 2008 R2 server. Do I run a cable from the modem to the 2nd WAN port to use a public IP or do I use a subnet from the firewall?
0
 
LVL 1

Expert Comment

by:IntMediaNet
ID: 40429078
depending on your firewall you can google instruction on how to 1 to 1 NAT your public IP address to your internal private IP address of the exchange server.
0
 

Author Comment

by:Albatross1953
ID: 40429263
The directions say that a chosen IP address ( in this case the server ) would route directly to the Internet (through the firewall) . The MS Server & the Exchange Server are the same unit so they use the same IP address. Am I missing something there?
0
 
LVL 1

Expert Comment

by:IntMediaNet
ID: 40434816
you keep the internal address of the server 192.168.1.52 (what ever private IP address scheme you have chosen - then in your firewall you assign a static NAT (Network Address Translation) form your external IP address that the world can see and point it to the internal address of your server. limiting the communication of course to ports 25, 80 and 443
0
 

Author Closing Comment

by:Albatross1953
ID: 40444406
I couldn't verify this. After following all instructions, it still mismatched. I finally had GoDaddy host the exchange & they had the same trouble. Then there was an "aha" moment when the tech said, "Oh. wait a minute. Now it should work."
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2013 Hybrid 5 44
Exchange 2016 and 2010 Co-existence 3 39
Exchange Cluster Requirements 8 20
exchange 2007 1 12
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question