Exchange Hybrid environment mail flow issue

So here is the scenario:

- network with the following components: sonicwall NSA firewall, sonicwall email appliance
- on-premise Exchange 2013 server
- Office 365 account
- hybrid configuration wizard run successfully
- azure AD sync installed

We currently have the following mail flow conditions:
- MX records point to on-premise Exchange server
- mail flows to and from external email addresses from on-premise or O365 mailboxes
- mail flows from on-premise Exchange mailboxes to O365 mailboxes
- mail does NOT flow from O365 mailboxes to on-premise mailboxes

I can say that I have not updated the TXT records with the updated federation information (is that supposed to be internal and external DNS records?) but I am not sure if that is related.

Can anyone assist with troubleshooting this issue? I am not sure where to start.
twinstatevdvAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Jian An LimConnect With a Mentor Solutions ArchitectCommented:
one thing, email from Office 365 back to On-premise should not pass through sonic wall.
It must arrive directly
0
 
twinstatevdvAuthor Commented:
Also, all inbound email traffic on port 25 is routed through the sonicwall email appliance.
0
 
Jian An LimSolutions ArchitectCommented:
Rerun hybrid configuration wizard again

On Office 365, check it's outbound connector.
depends on version, you should have one outbound connector

try to test connectivity on that

you can run get-outboundconnector | fl and paste the result here
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
twinstatevdvAuthor Commented:
What IP addresses and ports should I forward at the firewall direct to the exchange server? I know there is a set of EOP addresses.
0
 
Jian An LimSolutions ArchitectCommented:
0
 
twinstatevdvAuthor Commented:
THanks for the info! Which ports should I be forwarding?
0
 
Jian An LimSolutions ArchitectCommented:
port 25 for sMTP
port 443 for EWS and HTTPS
0
 
twinstatevdvAuthor Commented:
got it, I will try that with the EOP addresses; my only concern is that we might be allowing non-hybrid email messages from Office 365 sources to bypass the email appliance.
0
 
Jian An LimSolutions ArchitectCommented:
non-hybrid email message?
the connector should only bring back any email that is mail user, nothing else.

also, you might want to upgrade your azure AD sync to AADConnect as the previous version have been deprecated.
0
 
twinstatevdvAuthor Commented:
Thank you for the assistance! Email appears to be flowing as desired.  :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.