Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.
Watchguard firewall causing migrationwiz migration to office 365 from SBS 2011 standard to fail?z
I am doing my first sbs 2011 Standard to office 365 hosted exchange migration.
I am using migration wiz and 4 of 5 mailboxes failed. one talked of actively refiusing the connection.
It reminded me - there's a watchguard firewall at the sbs 2011 location. I remember once someone else having a problem with too much data going to /. from 1 place that the watchguard shut it off - there's a setting to limit amount of data to / from 1 external location that was on by default.
Anyone know where that is? Could that be why they are failing the migration?
can you tell me where to look to disable that if it's on. and maybe where to look to see if that feature was activatted in the last 48 hours?
THANKS!
I am using migration wiz and 4 of 5 mailboxes failed. one talked of actively refiusing the connection.
It reminded me - there's a watchguard firewall at the sbs 2011 location. I remember once someone else having a problem with too much data going to /. from 1 place that the watchguard shut it off - there's a setting to limit amount of data to / from 1 external location that was on by default.
Anyone know where that is? Could that be why they are failing the migration?
can you tell me where to look to disable that if it's on. and maybe where to look to see if that feature was activatted in the last 48 hours?
THANKS!
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
I'm running them again. But here's some. 1 user got 1000 errors of this, another got a lower number. but they passed the password veriification.
Active Directory is unavailable. Try again later
The request failed. Unable to connect to the remote server ---> Unable to connect to the remote server ---> No connection could be made because the target machine actively refused it 75.127.196.xxx:443
The request failed. Unable to connect to the remote server ---> Unable to connect to the remote server ---> A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 75.127.196.xxx:443
This is one I hadn't seen before:
Inconsistent get item response (0 items returned but more are available)
it's an older 2011 standard SBS so is there maintenance I should be doing first?
The autodiscver test:
The Microsoft Connectivity Analyzer is attempting to test Autodiscover for x@y.com
Autodiscover was tested successfully.
Active Directory is unavailable. Try again later
The request failed. Unable to connect to the remote server ---> Unable to connect to the remote server ---> No connection could be made because the target machine actively refused it 75.127.196.xxx:443
The request failed. Unable to connect to the remote server ---> Unable to connect to the remote server ---> A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 75.127.196.xxx:443
This is one I hadn't seen before:
Inconsistent get item response (0 items returned but more are available)
it's an older 2011 standard SBS so is there maintenance I should be doing first?
The autodiscver test:
The Microsoft Connectivity Analyzer is attempting to test Autodiscover for x@y.com
Autodiscover was tested successfully.
I see this:
The request failed. Unable to connect to the remote server ---> Unable to connect to the remote server ---> No connection could be made because the target machine actively refused it 75.127.196.xxx:443
So basically target machine i.e. SBS server has refused request on port 443.
Can you check what IP: 75.127.196.xxx is. Is this the IP of your firewall. If yes then make sure to open port 443 for IP: 75.127.196.xxx
The request failed. Unable to connect to the remote server ---> Unable to connect to the remote server ---> No connection could be made because the target machine actively refused it 75.127.196.xxx:443
So basically target machine i.e. SBS server has refused request on port 443.
Can you check what IP: 75.127.196.xxx is. Is this the IP of your firewall. If yes then make sure to open port 443 for IP: 75.127.196.xxx
Kindly follow Migration Wiz article for firewall requirement: "How do I set up router ports for OWA traffic when performing an On-Premises Exchange to On-Premises Exchange migration?"
https://help.bittitan.com/hc/en-us/articles/115008107167
https://help.bittitan.com/hc/en-us/articles/115008107167
Based on your details and issues to date, I tend not to think that it is the firewall. HOWEVER, if your port 80 and 443 rules are proxies, I could see where this could intermittently get in the way depending on the contents of the mailbox. Especially if you have Deep Packet Inspection turned on.
This could be a complex issue to resolve and even more so without me knowing what your config looks like. But a relatively simple (but less secure) way to deal with this would be to create an unfiltered packet filter outbound from the machine running the migration wizard. Because 365 has so many sub URLs, I would just add HTTP and HTTPS rules (not HTTP-Proxy and HTTPS-Proxy) from the IP of the migrationwiz server to Any-External. Because it is a packet filter and pretty specific in nature, it should come in higher than your default proxy rules and take precedence (assuming yout auto-order is on as it should be). I would also turn on logging for that rule so that you can prove that it is being used. Once you can launch the wizard and see that traffic traversing the new packet filter rules, run your migration test again. If it succeeds, you are good to go. If it does not succeed, you can be pretty sure that it is not the firewall causing the issue.
Good luck.
~Jon
This could be a complex issue to resolve and even more so without me knowing what your config looks like. But a relatively simple (but less secure) way to deal with this would be to create an unfiltered packet filter outbound from the machine running the migration wizard. Because 365 has so many sub URLs, I would just add HTTP and HTTPS rules (not HTTP-Proxy and HTTPS-Proxy) from the IP of the migrationwiz server to Any-External. Because it is a packet filter and pretty specific in nature, it should come in higher than your default proxy rules and take precedence (assuming yout auto-order is on as it should be). I would also turn on logging for that rule so that you can prove that it is being used. Once you can launch the wizard and see that traffic traversing the new packet filter rules, run your migration test again. If it succeeds, you are good to go. If it does not succeed, you can be pretty sure that it is not the firewall causing the issue.
Good luck.
~Jon
I was researching on the error which you received :
This is one I hadn't seen before:
Inconsistent get item response (0 items returned but more are available)
As per Bittitan reference article: https://help.bittitan.com/hc/en-us/articles/115008263948-Inconsistent-get-item-response-0-items-returned-but-more-are-available-
Answer:
This error occurs when the Source server is overloaded and MigrationWiz is unable to get consistent responses from the Exchange server. To prevent additional issues, MigrationWiz stops the migration.
Resolve this issue by investigating the health of the Source server. To help reduce the load on the server, lower the number of concurrent migrations.
This error can also occur because the number of items in a single folder is quite large, and causes the Source server to return only partial responses.
If this error persists, using the Advanced Support option DisableEWSDataConsistencyC
This is one I hadn't seen before:
Inconsistent get item response (0 items returned but more are available)
As per Bittitan reference article: https://help.bittitan.com/hc/en-us/articles/115008263948-Inconsistent-get-item-response-0-items-returned-but-more-are-available-
Answer:
This error occurs when the Source server is overloaded and MigrationWiz is unable to get consistent responses from the Exchange server. To prevent additional issues, MigrationWiz stops the migration.
Resolve this issue by investigating the health of the Source server. To help reduce the load on the server, lower the number of concurrent migrations.
This error can also occur because the number of items in a single folder is quite large, and causes the Source server to return only partial responses.
If this error persists, using the Advanced Support option DisableEWSDataConsistencyC
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trialIt's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Excel 2010 Basic 264 lessons
-
Microsoft ApplicationsCertification: MCP MCSA Microsoft Certified Partner & Solutions Ass… 377 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
You can test autodiscover using testexchangeconnectivity.c
Can you paste the error of the failed mailboxes in here for review.