Server clients can't browse internet . Exchange clients on outlook Can't send external . Certificate issue! Please help!!

SBS 2011 Environment running exchange 2010   SP3.   CiscoRv82 i believe is model (8 port vpn router)    Background info.  Server was migrated from a SBS 2008 box that was just too slow.  Migration pretty much went as successful as I could hope from a wizard.   Folder redirection was broke but Exchange for the most part moved over without issue.  

About 2 months after the migration everything just halts.  

Computers can browse to Google and a few other random sites but mostly just get a certificate error pointing back to my own server along with the IIS7 splash page.   I realized no matter what domain I type, if I put /owa at the end of it, it will load my web app page.   DNS however does resolve in NSlookup regardless of what site I try.    I.E.   I can go to www.nba.com/owa and the server redirects to localhost/owa.     The certificate error pretty much says certificate from remote.mysever.com is untrusted.  

I should note to rule out DNS issues i can ping anywhere externally via ip and dns name.  

Also Outlook is able to receive emails but is not able to send.  It keeps telling me my remote server is rejecting the message from being delivered.   Error is remote.(domain).com #550 5.7.1 Unable to relay ##    I've tried reissuing self cert to no avail.   Outlook acts so broken now it crashes unless I open outlook with /safe parameter.  


I'm wondering if maybe some IIS bindings / certificates got messed up and that's why its redirecting me there every time but I have literally went and reset them a billion times to the point where I just keep fixing and rebreaking OWA etc.   Tried Fix My network WIzard a billion times.
Ryan WardNetwork AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sajid Shaik MSr. System AdminCommented:
Greetings,


check the following solution
Open the Exchange System Manager;

Go in Administrative Groups -> Administrative group name -> Server -> Server name -> Protocols -> SMTP;

Right click on Default SMTP Virtual Server -> properties;

Access tab -> Relay buttom;

Select "only the list bellow" and add your domain and\or IPs you do want to allow the relay

 and finally check  the "Allow all computers witch successfully authenticate to relay, regardless of the list above" checkbox.

Source:
https://social.technet.microsoft.com/Forums/en-US/1a84a06a-f1c8-40b4-ace8-1e264f218aa1/550-571-unable-to-relay-for?forum=exchangesvrsecuremessaginglegacy

go to command prompt, type iisreset /stop
then command prompt, type iisreset /start

go to services : click startup type on the top - check all Automatic services are start and running - if not running then start those services--

all the best
0
Jaroslav LatalMSPCommented:
You can try SBS BPA:
https://support.microsoft.com/en-us/kb/2673284 

and also Microsoft IT Environment Health Scanner:
https://www.microsoft.com/en-us/download/details.aspx?id=10116


Jarda
0
Ryan WardNetwork AdministratorAuthor Commented:
BPA didn't really isolate issue.  

Saik I believe thats for Server 2003,  I am on 2011 that option is not available
0
Ryan WardNetwork AdministratorAuthor Commented:
UPDATE:



I have reset the routers config and internet is working again.  No more splash page!!  
Email is flowing both ways again.  

Still need to figure out which is the best route to go for establishing folder redirection to work on the new server.   A few clients are still pulling their redirected folders from the now non DC old server.  :/  New redirected folders show up but I think its a permission issue somewhere according to logs.

Thankfully I figured the biggest part of this out.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.