Solved

2007 exchange server configuration

Posted on 2014-11-05
11
100 Views
Last Modified: 2014-11-15
I'm working with 2007 Exchange Server installed on a server with MS Server 2008 R2. It is the only server for a small business, so Edge is not installed. They need to use it for email & a shared calendar. I set up A & MX records on GoDaddy (domain host). I created a SSL certificate on Digicert & installed it through Exchange Management Shell. I can't get the email to work. MXlookup says email is ready but the SSL is not  working & there's a DNS mismatch. I receive an error when trying to set up the email account in Outlook that says it can't be completed because the server is offline. I can ping by the FQDN of the Hub Transport Receive Connector.
Do I need to set up A, MX, Forward & Reverse DNS records on the server also? The current records there use the MS server IP address & the Exchange uses the Firewall IP address. What address should I use if I create new records there? Do I have to configure differently for LAN & remote users? The exchange FQDN is mail."MyDomain".com. That's what I used on both local & remote setup with the same failure. Also, under "domain".local in the DNS Manager, there are only 3 of the 6 computers listed with their own IP address & FQDN. I manually added the others in the AD because they kept losing their trust relationship. I wonder if something was missed in the original configuration that is causing this difficulty.
0
Comment
Question by:Albatross1953
  • 5
  • 4
  • 2
11 Comments
 
LVL 1

Assisted Solution

by:IntMediaNet
IntMediaNet earned 250 total points
ID: 40424572
A record on the internal DNS, no need for the MX internally - did you 1 to 1 forward the IP in the firewall to the exchange server ?
I would recommend a separate IP for the Exchange Server then I to I NAT the address.
in 2007 EMC did you assign SMTP, IIS to the cercificate ?
Andrew
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 250 total points
ID: 40424887
You need to ensure that the name on the SSL certificate resolves internally as well as externally.
By default Exchange will be using the internal of the server, which will generate the SSL mismatch errors.
Easily resolved though http://semb.ee/hosnames2007

Simon.
0
 

Author Comment

by:Albatross1953
ID: 40425330
IntMediaNet: What do you mean by 1 to 1?

Simon: That link redirects to whatis:semb.ee;  How else can the name on the certificate be changed?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40425717
0
 

Author Comment

by:Albatross1953
ID: 40428791
Do I need to use the 2nd WAN port to have a separate IP address for the Exchange Server?
0
[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

 
LVL 1

Expert Comment

by:IntMediaNet
ID: 40428994
your ISP would be the one to provide you with a  block of IP addresses, other wise you will need to use port forwarding to get mail to route to your mail server.
0
 

Author Comment

by:Albatross1953
ID: 40429073
They have an extra IP address. I just don't  understand how to assign the IP to the exchange server when it is installed on a 2008 R2 server. Do I run a cable from the modem to the 2nd WAN port to use a public IP or do I use a subnet from the firewall?
0
 
LVL 1

Expert Comment

by:IntMediaNet
ID: 40429078
depending on your firewall you can google instruction on how to 1 to 1 NAT your public IP address to your internal private IP address of the exchange server.
0
 

Author Comment

by:Albatross1953
ID: 40429263
The directions say that a chosen IP address ( in this case the server ) would route directly to the Internet (through the firewall) . The MS Server & the Exchange Server are the same unit so they use the same IP address. Am I missing something there?
0
 
LVL 1

Expert Comment

by:IntMediaNet
ID: 40434816
you keep the internal address of the server 192.168.1.52 (what ever private IP address scheme you have chosen - then in your firewall you assign a static NAT (Network Address Translation) form your external IP address that the world can see and point it to the internal address of your server. limiting the communication of course to ports 25, 80 and 443
0
 

Author Closing Comment

by:Albatross1953
ID: 40444406
I couldn't verify this. After following all instructions, it still mismatched. I finally had GoDaddy host the exchange & they had the same trouble. Then there was an "aha" moment when the tech said, "Oh. wait a minute. Now it should work."
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now