DNS Configuration for Exchange Server 2010

Posted on 2015-01-31
Last Modified: 2015-02-15
Good afternoon experts,

I am installing my first Exchanger Server and I need some clarification. It's probably really simple but I'm having a hard time finding a straight forward explanation:

Please find below a setup to better understand my issue:

I have a server (SERVER1 IP: that is the Domain Controller and DNS for the network.
I have a second server (SERVER2 IP: where I installed Exchange Server 2010.
My External IP in
My domain name is:

The DNS Entries are as follows:    Start of Authority,    Name Server (NS)   IP:    Name Server (NS)   IP:

The nameserver to contact the server is "mail" so:    Name Server (NS)    IP:

Mail Exchanger Entry     Mail Exchanger (MX)        [10]

Then my A Host:    Host (A)    Host (A)
server1                       Host (A)
server2                       Host (A)
mail                             Host (A)
exchange                   Host (A)
www                           Alias (CNAME)

To test it, I used Outlook web Access to see if I can connect.
I'm know I'm missing something as, internally and externally I cannot use however internally I can use and it works.

The router is not the issue as all the ports are open and the MX records have also been modified for the Domain Name's DNS entries.

Using NSLOOKUP, here are my results:

then set type =mx MX preferences = 10, mail exchanger =      internet address =

lastly, set type=ns
Server: localhost
Address: nameserver = nameserver =      internet address =      internet address =            internet address =

I'm not sure what's wrong but I suspect that I'm missing a step in the DNS that connects the or to the actual server (SERVER2) whis is the Exchange Server.

I really hope someone can help me out.

Cheers and thank for taking the time :)
Question by:TSIsolutions
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 20

Assisted Solution

by:Satya Pathak
Satya Pathak earned 100 total points
ID: 40581922
follow the below KB woudl help you to understand how to configure a DNS  with Exchange enviroment
LVL 79

Accepted Solution

arnold earned 200 total points
ID: 40581978
The issue is not with DNS, the issue is that you need to create a rule on your firewall allowing connection attempts on your public IP port 25 to get to your exchange server port 25.

Dealing with access to OWA it is he same, you need to create a path on port 443 of your existing external IP to the internal. The second thing you need to add to the IIS configuration for OWA to also treat requests for, but since you use secure, you may need a certificate using a SAN and

Double check what people outside your domain will see as a response.  Run the Sam nslookup queries but use an external DNS server
nslookup -q=mx

Since you've not included a domain name, we have to rely on your description to assess what is wrong and what needs fixing.  Your issue could be all together something else I.e. A restriction on the incoming connector to only allow requests from network, ......
LVL 11

Assisted Solution

hecgomrec earned 200 total points
ID: 40583954
Since Exchange 2007 it is recommended to use the same names for your exchange server internally and external access.

For exchange to be accessed from outside your organization you will have to have an MX record and a DNS name created for your server name:  Then you will have to create a rule on your firewall to either pass all request or just some ports (25, 80, 443, etc.) to IP to your internal exchange server's IP (

Second step will be to go to your DC/DNS server ( and create an MX record and a Host record for  --->

Last step, make sure your server internal and external names match,  Open the EMC, Under Server Configuration, Client Access, locate in the middle of the screen: Outlook Web App tab open the properties and check that internal and external URL in the General tab match (, repeat the process for the others tabs to match your domain name and the virtual path needed.

This should take care of the access problem, Now if you still have problems check if you have installed a valid certificate to handle all your services.  Click on Server configuration, in the middle on the screen locate available installed certificates under "Exchange Certificates" tab.  Here, if you don't have a valid certificate you must get one and install it following your CERT Authority provider, remember the certificate should include all possible names the server will have (,,, etc.).

Hope that helps!!!

Author Closing Comment

ID: 40611493
Good afternoon,

Sorry for the late reply and thanks for the comments. In my case it turns out that the firewall on the router for port 25 was poiting to a different IP address.
Additionally, the previous IT company had installed SMTP service on the the server while we created a connector on port 25. Because of that the binding to the connector was failing because the port was already in use.
I feel a bit stupid as I had seen the port opened on the firewall rules but did not notice the IP address it was pointing to another IP address.
As soon as I changed it, and removed the SMTP service, everything was fine.

Thanks again guys :)

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question