2007 exchange server configuration

I'm working with 2007 Exchange Server installed on a server with MS Server 2008 R2. It is the only server for a small business, so Edge is not installed. They need to use it for email & a shared calendar. I set up A & MX records on GoDaddy (domain host). I created a SSL certificate on Digicert & installed it through Exchange Management Shell. I can't get the email to work. MXlookup says email is ready but the SSL is not  working & there's a DNS mismatch. I receive an error when trying to set up the email account in Outlook that says it can't be completed because the server is offline. I can ping by the FQDN of the Hub Transport Receive Connector.
Do I need to set up A, MX, Forward & Reverse DNS records on the server also? The current records there use the MS server IP address & the Exchange uses the Firewall IP address. What address should I use if I create new records there? Do I have to configure differently for LAN & remote users? The exchange FQDN is mail."MyDomain".com. That's what I used on both local & remote setup with the same failure. Also, under "domain".local in the DNS Manager, there are only 3 of the 6 computers listed with their own IP address & FQDN. I manually added the others in the AD because they kept losing their trust relationship. I wonder if something was missed in the original configuration that is causing this difficulty.
Albatross1953Asked:
Who is Participating?
 
Simon Butler (Sembee)ConsultantCommented:
You need to ensure that the name on the SSL certificate resolves internally as well as externally.
By default Exchange will be using the internal of the server, which will generate the SSL mismatch errors.
Easily resolved though http://semb.ee/hosnames2007

Simon.
0
 
IntMediaNetCommented:
A record on the internal DNS, no need for the MX internally - did you 1 to 1 forward the IP in the firewall to the exchange server ?
I would recommend a separate IP for the Exchange Server then I to I NAT the address.
in 2007 EMC did you assign SMTP, IIS to the cercificate ?
Andrew
0
 
Albatross1953Author Commented:
IntMediaNet: What do you mean by 1 to 1?

Simon: That link redirects to whatis:semb.ee;  How else can the name on the certificate be changed?
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Simon Butler (Sembee)ConsultantCommented:
0
 
Albatross1953Author Commented:
Do I need to use the 2nd WAN port to have a separate IP address for the Exchange Server?
0
 
IntMediaNetCommented:
your ISP would be the one to provide you with a  block of IP addresses, other wise you will need to use port forwarding to get mail to route to your mail server.
0
 
Albatross1953Author Commented:
They have an extra IP address. I just don't  understand how to assign the IP to the exchange server when it is installed on a 2008 R2 server. Do I run a cable from the modem to the 2nd WAN port to use a public IP or do I use a subnet from the firewall?
0
 
IntMediaNetCommented:
depending on your firewall you can google instruction on how to 1 to 1 NAT your public IP address to your internal private IP address of the exchange server.
0
 
Albatross1953Author Commented:
The directions say that a chosen IP address ( in this case the server ) would route directly to the Internet (through the firewall) . The MS Server & the Exchange Server are the same unit so they use the same IP address. Am I missing something there?
0
 
IntMediaNetCommented:
you keep the internal address of the server 192.168.1.52 (what ever private IP address scheme you have chosen - then in your firewall you assign a static NAT (Network Address Translation) form your external IP address that the world can see and point it to the internal address of your server. limiting the communication of course to ports 25, 80 and 443
0
 
Albatross1953Author Commented:
I couldn't verify this. After following all instructions, it still mismatched. I finally had GoDaddy host the exchange & they had the same trouble. Then there was an "aha" moment when the tech said, "Oh. wait a minute. Now it should work."
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.