Solved

2007 exchange server configuration

Posted on 2014-11-05
11
98 Views
Last Modified: 2014-11-15
I'm working with 2007 Exchange Server installed on a server with MS Server 2008 R2. It is the only server for a small business, so Edge is not installed. They need to use it for email & a shared calendar. I set up A & MX records on GoDaddy (domain host). I created a SSL certificate on Digicert & installed it through Exchange Management Shell. I can't get the email to work. MXlookup says email is ready but the SSL is not  working & there's a DNS mismatch. I receive an error when trying to set up the email account in Outlook that says it can't be completed because the server is offline. I can ping by the FQDN of the Hub Transport Receive Connector.
Do I need to set up A, MX, Forward & Reverse DNS records on the server also? The current records there use the MS server IP address & the Exchange uses the Firewall IP address. What address should I use if I create new records there? Do I have to configure differently for LAN & remote users? The exchange FQDN is mail."MyDomain".com. That's what I used on both local & remote setup with the same failure. Also, under "domain".local in the DNS Manager, there are only 3 of the 6 computers listed with their own IP address & FQDN. I manually added the others in the AD because they kept losing their trust relationship. I wonder if something was missed in the original configuration that is causing this difficulty.
0
Comment
Question by:Albatross1953
  • 5
  • 4
  • 2
11 Comments
 
LVL 1

Assisted Solution

by:IntMediaNet
IntMediaNet earned 250 total points
ID: 40424572
A record on the internal DNS, no need for the MX internally - did you 1 to 1 forward the IP in the firewall to the exchange server ?
I would recommend a separate IP for the Exchange Server then I to I NAT the address.
in 2007 EMC did you assign SMTP, IIS to the cercificate ?
Andrew
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 250 total points
ID: 40424887
You need to ensure that the name on the SSL certificate resolves internally as well as externally.
By default Exchange will be using the internal of the server, which will generate the SSL mismatch errors.
Easily resolved though http://semb.ee/hosnames2007

Simon.
0
 

Author Comment

by:Albatross1953
ID: 40425330
IntMediaNet: What do you mean by 1 to 1?

Simon: That link redirects to whatis:semb.ee;  How else can the name on the certificate be changed?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40425717
0
 

Author Comment

by:Albatross1953
ID: 40428791
Do I need to use the 2nd WAN port to have a separate IP address for the Exchange Server?
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 
LVL 1

Expert Comment

by:IntMediaNet
ID: 40428994
your ISP would be the one to provide you with a  block of IP addresses, other wise you will need to use port forwarding to get mail to route to your mail server.
0
 

Author Comment

by:Albatross1953
ID: 40429073
They have an extra IP address. I just don't  understand how to assign the IP to the exchange server when it is installed on a 2008 R2 server. Do I run a cable from the modem to the 2nd WAN port to use a public IP or do I use a subnet from the firewall?
0
 
LVL 1

Expert Comment

by:IntMediaNet
ID: 40429078
depending on your firewall you can google instruction on how to 1 to 1 NAT your public IP address to your internal private IP address of the exchange server.
0
 

Author Comment

by:Albatross1953
ID: 40429263
The directions say that a chosen IP address ( in this case the server ) would route directly to the Internet (through the firewall) . The MS Server & the Exchange Server are the same unit so they use the same IP address. Am I missing something there?
0
 
LVL 1

Expert Comment

by:IntMediaNet
ID: 40434816
you keep the internal address of the server 192.168.1.52 (what ever private IP address scheme you have chosen - then in your firewall you assign a static NAT (Network Address Translation) form your external IP address that the world can see and point it to the internal address of your server. limiting the communication of course to ports 25, 80 and 443
0
 

Author Closing Comment

by:Albatross1953
ID: 40444406
I couldn't verify this. After following all instructions, it still mismatched. I finally had GoDaddy host the exchange & they had the same trouble. Then there was an "aha" moment when the tech said, "Oh. wait a minute. Now it should work."
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now