Solved

DNS Configuration for Exchange Server 2010

Posted on 2015-01-31
Last Modified: 2015-02-15
Good afternoon experts,

I am installing my first Exchange Server and I need some clarification. It's probably really simple but I'm having a hard time finding a straightforward explanation:

Please find below a setup to better understand my issue:

I have a server (SERVER1 IP:192.168.1.100) that is the Domain Controller and DNS for the network.
I have a second server (SERVER2 IP:192.168.1.200) where I installed Exchange Server 2010.
My External IP is 204.10.11.12
My domain name is: domainname.com

The DNS Entries are as follows:
domainname.com    Start of Authority     server1.domainname.com, hostmaster.domainname.com
domainname.com    Name Server (NS)     server1.domainname.com   IP:   192.168.1.100
domainname.com    Name Server (NS)     server2.domainname.com   IP:   192.168.1.200

The nameserver to contact the server is "mail" so:
domainname.com    Name Server (NS)     mail.domainname.com.    IP: 204.10.11.12

Mail Exchanger Entry
domainname.com     Mail Exchanger (MX)        [10] exchange.domainname.com

Then my A Host:
domainname.com    Host (A)        204.10.11.12
domainname.com    Host (A)        192.168.1.100
server1                       Host (A)        192.168.1.100
server2                       Host (A)        192.168.1.200
mail                             Host (A)        204.10.11.12
exchange                   Host (A)        204.10.11.12
www                           Alias (CNAME)       domainname.com.

To test it, I used Outlook web Access to see if I can connect.
I know I'm missing something, as internally and externally I cannot use https://exchange.domainname.com/owa; however, internally I can use https://server1.domainname.com/owa and it works.

The router is not the issue as all the ports are open and the MX records have also been modified for the Domain Name's DNS entries.

Using NSLOOKUP, here are my results:
for domainname.com
Name: domainname.com
Adresses: 192.168.1.100

then set type =mx
domainname.com MX preferences = 10, mail exchanger = exchange.domainname.com
exchnage.domainname.com      internet address = 204.10.11.12

lastly, set type=ns
Server: localhost
Address: 127.0.0.1

domainname.com nameserver = server2.domainname.com
domainname.com nameserver = server1.domainname.com
server2.domainname.com      internet address = 192.168.1.200
server1.domainname.com      internet address = 192.168.1.100
mail.domainname.com            internet address = 201.10.11.12

I'm not sure what's wrong but I suspect that I'm missing a step in the DNS that connects the mail.domainname.com or exchange.domainname.com to the actual server (SERVER2) which is the Exchange Server.

I really hope someone can help me out.

Cheers and thanks for taking the time :)
Question by:TSIsolutions
4 Comments
 

Assisted Solution

by:SatyaPathak
SatyaPathak earned 100 total points
ID: 40581922
Following the KB below would help you to understand how to configure DNS with an Exchange environment:
https://demazter.wordpress.com/2010/02/09/exchange-dns-configuration/

Accepted Solution

by:arnold
arnold earned 200 total points
ID: 40581978
The issue is not with DNS, the issue is that you need to create a rule on your firewall allowing connection attempts on your public IP port 25 to get to your exchange server 192.168.1.200 port 25.


Dealing with access to OWA, it is the same: you need to create a path on port 443 of your existing external IP to the internal. The second thing you need to add to the IIS configuration for OWA to also treat requests for exchange.domainname.com, but since you use secure, you may need a certificate using a SAN exchange.domainname.com and mail.domainname.com.

Double check what people outside your domain will see as a response. Run the same nslookup queries but use an external DNS server:
nslookup -q=mx domainname.com. 8.8.8.8

Since you've not included a domain name, we have to rely on your description to assess what is wrong and what needs fixing. Your issue could be altogether something else, i.e. a restriction on the incoming connector to only allow requests from the 192.168.1.0 network, ...

Assisted Solution

by:hecgomrec
hecgomrec earned 200 total points
ID: 40583954
Since Exchange 2007, it is recommended to use the same names for your Exchange server for internal and external access.

For Exchange to be accessed from outside your organization, you will have to have an MX record and a DNS name created for your server name: mail.domainname.com. Then you will have to create a rule on your firewall to either pass all requests or just some ports (25, 80, 443, etc.) to the mail.domainname.com IP on to your internal Exchange server's IP (192.168.1.200).

Second step will be to go to your DC/DNS server (192.168.1.100) and create an MX record and a Host record for mail.yourdomainname.com  --->  192.168.1.200.

Last step: make sure your server's internal and external names match. Open the EMC; under Server Configuration, Client Access, locate the Outlook Web App tab in the middle of the screen, open the properties and check that the internal and external URLs in the General tab match (mail.yourdomainname.com). Repeat the process for the other tabs to match your domain name and the virtual path needed.

This should take care of the access problem. Now, if you still have problems, check if you have installed a valid certificate to handle all your services. Click on Server Configuration; in the middle of the screen, locate the available installed certificates under the "Exchange Certificates" tab. Here, if you don't have a valid certificate, you must get one and install it following your CERT Authority provider; remember, the certificate should include all possible names the server will have (mail.domainame.com, owa.domainame.com, webmail.domainame.com, etc.).

Hope that helps!!!
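
Both answers above advise a certificate whose names cover every hostname clients will use. As an added example (not part of the original thread), the Python below compares a certificate's subjectAltName entries with the names from this question; the sample certificate is constructed and the function names are this example's own.

```python
import socket
import ssl

# Constructed certificate in the dict shape returned by ssl getpeercert().
CONSTRUCTED_CERT = {
    "subject": ((("commonName", "mail.domainname.com"),),),
    "subjectAltName": (("DNS", "mail.domainname.com"),
                       ("DNS", "server2.domainname.com")),
}


def san_dns_names(cert):
    """DNS entries from the subjectAltName of a getpeercert() dict."""
    return [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]


def covers(pattern, host):
    """True if a SAN entry matches host; '*' may replace only the leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Reject over-broad wildcards such as '*.com'.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def uncovered_names(cert, required):
    """Hostnames from `required` that no SAN entry of the certificate covers."""
    sans = san_dns_names(cert)
    return [n for n in required if not any(covers(s, n) for s in sans)]


def fetch_cert(address, server_name, port=443, timeout=5):
    """Fetch the certificate a server presents for server_name.

    The chain is still validated, so a self-signed certificate raises
    ssl.SSLCertVerificationError; name matching is left to uncovered_names().
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    with socket.create_connection((address, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=server_name) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    wanted = ["mail.domainname.com", "exchange.domainname.com"]
    print(uncovered_names(CONSTRUCTED_CERT, wanted))
```
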

Author Closing Comment

by:TSIsolutions
ID: 40611493
Good afternoon,

Sorry for the late reply and thanks for the comments. In my case it turns out that the firewall on the router for port 25 was pointing to a different IP address.
Additionally, the previous IT company had installed SMTP service on the server while we created a connector on port 25. Because of that the binding to the connector was failing because the port was already in use.
I feel a bit stupid as I had seen the port opened on the firewall rules but did not notice that it was pointing to another IP address.
As soon as I changed it, and removed the SMTP service, everything was fine.

Thanks again guys :)
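
The port conflict described in the closing comment can be spotted from `netstat -ano` and `tasklist /FO CSV /NH` output on the Exchange host. The Python below is an added example, not part of the original thread: the command output is a constructed sample, and the process names (`inetinfo.exe` for the IIS SMTP service, `EdgeTransport.exe` for the Exchange 2010 transport) are assumptions not stated on the page.

```python
import csv
import io

# Constructed `netstat -ano` output from the Exchange host (sample values).
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:25             0.0.0.0:0              LISTENING       1432
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       4
  TCP    192.168.1.200:3389     192.168.1.50:50211     ESTABLISHED     2100
  TCP    [::]:25                [::]:0                 LISTENING       1432
  UDP    0.0.0.0:123            *:*                                    980
"""

# Constructed `tasklist /FO CSV /NH` output (sample PIDs and sizes).
TASKLIST_SAMPLE = """\
"System","4","Services","0","300 K"
"inetinfo.exe","1432","Services","0","14,220 K"
"EdgeTransport.exe","5120","Services","0","98,764 K"
"""


def listeners(netstat_text, port):
    """Return sorted (local_address, pid) pairs LISTENING on a TCP port."""
    found = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING":
            addr, _, local_port = f[1].rpartition(":")
            if local_port == str(port):
                found.add((addr, int(f[4])))
    return sorted(found)


def process_names(tasklist_csv):
    """Map PID to image name from CSV-formatted tasklist output."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {int(r[1]): r[0] for r in rows if len(r) >= 2 and r[1].isdigit()}


def port_owner_report(netstat_text, tasklist_csv, port=25,
                      expected="EdgeTransport.exe"):
    """Name the process(es) holding the port; `expected` is an assumed name."""
    names = process_names(tasklist_csv)
    pids = {pid for _, pid in listeners(netstat_text, port)}
    owners = sorted({names.get(pid, "unknown") for pid in pids})
    return {"owners": owners,
            "ok": [o.lower() for o in owners] == [expected.lower()]}


if __name__ == "__main__":
    print(port_owner_report(NETSTAT_SAMPLE, TASKLIST_SAMPLE))
```
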