Solved

Exchange 2016 Mail flow issues (new install)

Posted on 2016-09-28
Last Modified: 2016-11-09
Hello Experts,

I've run into some issues with a fresh Exchange 2016 install. Setup is:
Server 2012 R2 Std - DC
Server 2012 R2 Std - Exchange (Hyper-V)
Send connector is configured to send mail through MX.
Older Netgear Prosafe Firewall - Port 25, 80, 110, 443, 587, and 2525 are open

At first I wasn't getting any mailflow in or out, but now I'm at least getting mail incoming after adding the IP of the server to the network bindings on the receive connectors. Outgoing used to just sit in the drafts (OWA) and do nothing prior to that change, but now it will get to Exchange and in the Queue viewer it shows "441 4.4.1 Error communicating with Host. Failed to connect."

I researched this last night until I was blue in the face. I've recreated the send connector, I tried some port testing applications to verify port 25 was open, I have a single DNS server configured on the server's NIC, double checked the A record on the DC to make sure it had the correct IP for the Exchange server, rebooted multiple times (transport services as well), and there's no antivirus on it.

I cannot telnet to any server (on port 25) from the Exchange server, but port 25 is open. I'm assuming this is a DNS issue, but I'm not sure where else to look.

The other issue is Outlook won't connect to Exchange either, but I'm assuming if there's a DNS issue somewhere it will fix both.

Thanks in advance!
Question by:Taylor
10 Comments
 
LVL 15

Assisted Solution

by:Todd Nelson
Todd Nelson earned 500 total points
ID: 41820250
Where does the Exchange server sit in your network ... DMZ or inside with the other servers?

What DNS servers is the Exchange server NIC set to use?

You say you tried telnet to other servers, does that mean you attempted "telnet outlook.com 25" too?

Is the Windows Firewall enabled or disabled?  If it's disabled, why?  If it's enabled, do you have a group policy applied to the Exchange server?
 

Author Comment

by:Taylor
ID: 41820333
Todd,

It's inside with the DC.
The only DNS server configured on the NIC is the IP of the DC.
I'm unable to telnet to outlook.com
Windows firewall is currently disabled for troubleshooting, otherwise it will be on.  

Thanks
 
LVL 15

Expert Comment

by:Todd Nelson
ID: 41820356
On the NIC settings, are both IPv4 and IPv6 enabled?

Are you able to ping other servers by IP address, name and FQDN?

If you run "nslookup servername" does it resolve both the DNS server IP address and the IP address of the "servername"?

Is your Exchange server in the same AD site as the other servers and users?

Author Comment

by:Taylor
ID: 41820391
IPv6 is disabled on the NICs. It was originally on, but it didn't work then either.

DC and Exchange server can ping each other with no issues using IP, name, and FQDN.

If I do a NSlookup:

On DC:                   |  On Exch:
Server:  Server1         |  Server:  Server1
Address:  192.168.1.4    |  Address:  192.168.1.4
                         |
Name:    Server1         |  Name:    Server2
Address:  192.168.1.4    |  Address:  192.168.1.5


Exchange Server is in a different OU than the DC, but same domain
 
LVL 15

Expert Comment

by:Todd Nelson
ID: 41820430
 

Author Comment

by:Taylor
ID: 41820462
There's no GPO applied to the OU it's in. There's the default domain policy that's at the domain level. Nothing out of the ordinary in that default GPO.

I re-enabled IPv6 and it didn't make a difference after restarting transport services.
 
LVL 15

Expert Comment

by:Todd Nelson
ID: 41820490
And you don't have a public DNS address set on your NIC for DNS servers?

On the NIC, is the setting "Register this connection's address in DNS" enabled under the advanced IP settings for DNS?

Do you have multiple NICs on the Exchange server?  If so, does only one of them have a gateway assigned?
 

Author Comment

by:Taylor
ID: 41820548
Correct, I don't have any public addresses in the NIC settings.

That box is checked

Single NIC

I would like to note that when I was looking through all this stuff yesterday, I did find that on the DNS server, it had the A record for the exchange server as the IP that was assigned to it by DHCP when the server OS first installed. I removed and created a new A record for it with the correct IP. Strange thing was I had no issues pinging back and forth even though the record was wrong.
 

Accepted Solution

by:
Taylor earned 0 total points
ID: 41827257
After starting a MS case we found that there were two issues. One was a result of the install not applying default settings on the send connector correctly. The second was the firewall blocking port 25 even though it was allowed through. The default setting was to allow NTLM on the send connector, but in ECP and in the Exchange Shell it said it was enabled. It worked fine after enabling it in the shell even though it was already enabled...
Question has a verified solution.
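
A diagnostic for the "441 4.4.1 ... Failed to connect" symptom in this thread, added here as an example (not part of any post above and not Microsoft's procedure): it resolves the MX records of a recipient domain and attempts a TCP connect and banner read on port 25 to each host, so a DNS failure can be told apart from blocked outbound SMTP. The function name `Test-OutboundSmtp` and the domain `example.com` are assumptions; substitute a domain the server actually sends to.

```powershell
# Added example: separate "DNS cannot find the mail host" from
# "outbound TCP 25 is blocked" when the queue shows 441 4.4.1.
# Test-OutboundSmtp is a hypothetical helper name; example.com is a placeholder.
function Test-OutboundSmtp {
    param(
        [Parameter(Mandatory)][string]$RecipientDomain,
        [int]$Port = 25,
        [int]$TimeoutMs = 5000
    )
    try {
        # Ask the DNS server configured on the NIC for the domain's MX records.
        $mx = Resolve-DnsName -Name $RecipientDomain -Type MX -ErrorAction Stop |
              Where-Object { $_.Type -eq 'MX' } | Sort-Object Preference
    } catch {
        # Resolution failed: the problem is DNS, not the firewall.
        return [pscustomobject]@{ Host = $RecipientDomain; Stage = 'DNS'; Ok = $false; Detail = $_.Exception.Message }
    }
    foreach ($record in $mx) {
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            $pending = $client.BeginConnect($record.NameExchange, $Port, $null, $null)
            if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) {
                # No answer within the timeout: typical of a firewall or ISP dropping port 25.
                [pscustomobject]@{ Host = $record.NameExchange; Stage = 'TCP'; Ok = $false; Detail = 'connect timed out' }
                continue
            }
            $client.EndConnect($pending)
            $stream = $client.GetStream()
            $stream.ReadTimeout = $TimeoutMs
            $reader = New-Object System.IO.StreamReader($stream)
            $banner = $reader.ReadLine()   # a reachable MTA greets with "220 ..."
            [pscustomobject]@{ Host = $record.NameExchange; Stage = 'SMTP'; Ok = ($banner -like '220*'); Detail = $banner }
        } catch {
            # Connection refused, reset, or no banner before the read timeout.
            [pscustomobject]@{ Host = $record.NameExchange; Stage = 'TCP'; Ok = $false; Detail = $_.Exception.Message }
        } finally {
            $client.Close()
        }
    }
}

Test-OutboundSmtp -RecipientDomain 'example.com' | Format-Table -AutoSize
```

A `DNS` row points at name resolution; `TCP` rows that all time out while DNS succeeds point at something between the server and the internet dropping port 25, which is what the accepted answer found at the firewall.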
