Solved

Exchange 2016 Mail flow issues (new install)

Posted on 2016-09-28
Last Modified: 2016-11-09
Hello Experts,

I've run into some issues with a fresh Exchange 2016 install. Setup is:
Server 2012 R2 Std - DC
Server 2012 R2 Std - Exchange (Hyper-V)
Send connector is configured to send mail through MX.
Older Netgear Prosafe Firewall - Port 25, 80, 110, 443, 587, and 2525 are open

At first I wasn't getting any mailflow in or out, but now I'm at least getting mail incoming after adding the IP of the server to the network bindings on the receive connectors. Outgoing used to just sit in the drafts (OWA) and do nothing prior to that change, but now it will get to Exchange and in the Queue viewer it shows "441 4.4.1 Error communicating with Host. Failed to connect."

I've researched this last night until I was blue in the face, I've recreated the send connector, I tried some port testing applications to verify port 25 was open, I have a single DNS server configured on the server's NIC, double checked the A record on the DC to make sure it had the correct IP for the Exchange server, rebooted multiple times (transport services as well), and there's no antivirus on it.

I cannot telnet to any server (on port 25) from the Exchange server, but port 25 is open. I'm assuming this is a DNS issue, but I'm not sure where else to look.

The other issue is Outlook won't connect to Exchange either, but I'm assuming if there's a DNS issue somewhere it will fix both.

Thanks in advance!
Question by:Taylor
9 Comments
 
LVL 17

Assisted Solution

by:Todd Nelson
Todd Nelson earned 2000 total points
ID: 41820250
Where does the Exchange server sit in your network ... DMZ or inside with the other servers?

What DNS servers is the Exchange server NIC set to use?

You say you tried telnet to other servers, does that mean you attempted "telnet outlook.com 25" too?

Is the Windows Firewall enabled or disabled?  If it's disabled, why?  If it's enabled, do you have a group policy applied to the Exchange server?
0
 

Author Comment

by:Taylor
ID: 41820333
Todd,

It's inside with the DC.
The only DNS server configured on the NIC is the IP of the DC.
I'm unable to telnet to outlook.com
Windows firewall is currently disabled for troubleshooting, otherwise it will be on.  

Thanks
0
 
LVL 17

Expert Comment

by:Todd Nelson
ID: 41820356
On the NIC settings, are both IPv4 and IPv6 enabled?

Are you able to ping other servers by IP address, name and FQDN?

If you run "nslookup servername" does it resolve both the DNS server IP address and the IP address of the "servername"?

Is your Exchange server in the same AD site as the other servers and users?
0
 

Author Comment

by:Taylor
ID: 41820391
IPv6 is disabled on the NICs. It was originally on, but it didn't work then either.

DC and Exchange server can ping each other with no issues using IP, name, and FQDN.

If I do a NSlookup:

On DC:                   |  On Exch:
Server:  Server1         |  Server:  Server1
Address:  192.168.1.4    |  Address:  192.168.1.4
                         |
Name:    Server1         |  Name:    Server2
Address:  192.168.1.4    |  Address:  192.168.1.5


Exchange Server is in a different OU than the DC, but same domain
0
 

Author Comment

by:Taylor
ID: 41820462
There's no GPO applied to the OU it's in. There's the default domain policy that's at the domain level. Nothing out of the ordinary in that default GPO.

I re-enabled IPv6 and it didn't make a difference after restarting transport services.
0
 
LVL 17

Expert Comment

by:Todd Nelson
ID: 41820490
And you don't have a public DNS address set on your NIC for DNS servers?

On the NIC, is the setting "Register this connection's address in DNS" enabled under the advanced IP settings for DNS?

Do you have multiple NICs on the Exchange server?  If so, does only one of them have a gateway assigned?
0
 

Author Comment

by:Taylor
ID: 41820548
Correct, I don't have any public addresses in the NIC settings.

That box is checked

Single NIC

I would like to note that when I was looking through all this stuff yesterday, I did find that on the DNS server, it had the A record for the Exchange server as the IP that was assigned to it by DHCP when the server OS first installed. I removed and created a new A record for it with the correct IP. Strange thing was I had no issues pinging back and forth even though the record was wrong.
0
 

Accepted Solution

by:
Taylor earned 0 total points
ID: 41827257
After starting a MS case we found that there were two issues. One was a result of the install not applying default settings on the send connector correctly. The second was the firewall blocking port 25 even though it was allowed through. The default setting was to allow NTLM on the send connector, but in ECP and in the Exchange Shell it said it was enabled. It worked fine after enabling it in the shell even though it was already enabled...
0
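
An added example, not part of the original thread or of the Microsoft case: a PowerShell check, run on the Exchange server, that separates the two causes discussed above (name resolution versus outbound port 25 being blocked on the path) and then lists the send connector's current settings. The default domain `outlook.com` is the test target mentioned in the thread; the parameter names are assumptions of this example.

```powershell
# Added example: tells a DNS failure apart from blocked outbound TCP 25.
# Parameter names are hypothetical; 'outlook.com' is the test target from the thread.
param(
    [string]$Domain = 'outlook.com',
    [int]$Port = 25,
    [int]$TimeoutMs = 5000
)

# Step 1: DNS. A failure here points at the resolver, not at the firewall.
try {
    $mx = Resolve-DnsName -Name $Domain -Type MX -ErrorAction Stop |
        Where-Object { $_.Type -eq 'MX' } |
        Sort-Object Preference
} catch {
    Write-Warning "DNS: MX lookup for $Domain failed: $($_.Exception.Message)"
    return
}
if (-not $mx) { Write-Warning "DNS: no MX records returned for $Domain"; return }

# Step 2: TCP connect and SMTP banner for each MX host, with a hard timeout.
foreach ($record in $mx) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $connect = $client.BeginConnect($record.NameExchange, $Port, $null, $null)
        if (-not $connect.AsyncWaitHandle.WaitOne($TimeoutMs)) {
            Write-Warning "TCP: $($record.NameExchange):$Port timed out (filtered on the path)"
            continue
        }
        $client.EndConnect($connect)
        $stream = $client.GetStream()
        $stream.ReadTimeout = $TimeoutMs
        $reader = New-Object System.IO.StreamReader($stream)
        Write-Output "OK: $($record.NameExchange):$Port -> $($reader.ReadLine())"
    } catch {
        Write-Warning "TCP: $($record.NameExchange):$Port failed: $($_.Exception.Message)"
    } finally {
        $client.Close()
    }
}

# Step 3 (only where the Exchange cmdlets are loaded): dump the send connector settings.
if (Get-Command Get-SendConnector -ErrorAction SilentlyContinue) {
    Get-SendConnector | Format-List Name, Enabled, AddressSpaces, DNSRoutingEnabled,
        SmartHosts, SmartHostAuthMechanism, Port, SourceTransportServers
}
```

If step 1 succeeds and every host in step 2 times out, name resolution is working and the outbound connection is being dropped between the server and the Internet, which matches the "441 4.4.1 ... Failed to connect" queue status.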
