• Status: Solved

Exchange Hybrid environment mail flow issue

So here is the scenario:

- network with the following components: SonicWall NSA firewall, SonicWall email appliance
- on-premise Exchange 2013 server
- Office 365 account
- Hybrid Configuration Wizard run successfully
- Azure AD Sync installed

We currently have the following mail flow conditions:
- MX records point to on-premise Exchange server
- mail flows to and from external email addresses from on-premise or O365 mailboxes
- mail flows from on-premise Exchange mailboxes to O365 mailboxes
- mail does NOT flow from O365 mailboxes to on-premise mailboxes

I can say that I have not updated the TXT records with the updated federation information (is that supposed to be internal and external DNS records?) but I am not sure if that is related.

Can anyone assist with troubleshooting this issue? I am not sure where to start.
 
twinstatevdv (Author) commented:
Also, all inbound email traffic on port 25 is routed through the SonicWall email appliance.
 
Jian An Lim (Solutions Architect) commented:
Rerun the Hybrid Configuration Wizard again.

On Office 365, check its outbound connector.
Depending on the version, you should have one outbound connector.

Try to test connectivity on that.

You can run Get-OutboundConnector | fl and paste the result here.
 
Jian An Lim (Solutions Architect) commented:
One thing: email from Office 365 back to on-premise should not pass through the SonicWall.
It must arrive directly.
 
twinstatevdv (Author) commented:
What IP addresses and ports should I forward at the firewall direct to the Exchange server? I know there is a set of EOP addresses.
 
Jian An Lim (Solutions Architect) commented:
 
twinstatevdv (Author) commented:
Thanks for the info! Which ports should I be forwarding?
 
Jian An Lim (Solutions Architect) commented:
Port 25 for SMTP
Port 443 for EWS and HTTPS
 
twinstatevdv (Author) commented:
Got it, I will try that with the EOP addresses; my only concern is that we might be allowing non-hybrid email messages from Office 365 sources to bypass the email appliance.
 
Jian An Lim (Solutions Architect) commented:
Non-hybrid email message?
The connector should only bring back any email that is mail user, nothing else.

Also, you might want to upgrade your Azure AD Sync to AADConnect, as the previous version has been deprecated.
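
Added example, not part of the original thread: a read-only check, run in the on-premises Exchange Management Shell, that lists the receive connectors listening on port 25, the source ranges each accepts, and whether each carries the TLS domain capability for mail.protection.outlook.com that hybrid mail flow relies on. It assumes the standard Get-ReceiveConnector properties; the variable names and report columns are illustrative.

```powershell
# Added example (not from the thread): read-only audit of on-premises receive
# connectors, relevant to the question of what can reach port 25 directly once
# the firewall forwards Exchange Online Protection (EOP) traffic past the appliance.

# How Exchange displays "any IPv4 source" in RemoteIPRanges.
$anyV4  = '0.0.0.0-255.255.255.255'
# TLS domain capability values used for mail arriving from Exchange Online.
$eopTls = 'mail\.protection\.outlook\.com:Accept(CloudServicesMail|OorgProtocol)'

$report = Get-ReceiveConnector | ForEach-Object {
    # Normalise multivalued properties to plain strings (works in remote sessions too).
    $bindings = @($_.Bindings | ForEach-Object { "$_" })
    if (-not ($bindings -match ':25$')) { return }   # skip connectors not on port 25

    $ranges  = @($_.RemoteIPRanges | ForEach-Object { "$_" })
    $tlsCaps = @($_.TlsDomainCapabilities | ForEach-Object { "$_" })
    $perms   = "$($_.PermissionGroups)"

    [pscustomobject]@{
        Connector      = "$($_.Identity)"
        RemoteIPRanges = $ranges -join ', '
        AnyIPv4Source  = $ranges -contains $anyV4
        Anonymous      = $perms -match 'AnonymousUsers'
        RequireTLS     = $_.RequireTLS
        TrustsEopTls   = [bool]($tlsCaps -match $eopTls)
    }
}

$report | Format-Table -AutoSize -Wrap

# Connectors that accept any IPv4 source do no source filtering themselves, so the
# firewall rule scoped to the EOP addresses is the only thing limiting who can
# reach them directly on port 25.
$report | Where-Object { $_.AnyIPv4Source } | Select-Object Connector, Anonymous, TrustsEopTls
```

Run it before and after changing the firewall rule and compare the output with the source addresses the rule allows.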
 
twinstatevdv (Author) commented:
Thank you for the assistance! Email appears to be flowing as desired. :)