Public DNS Exchange 2007/2013 Coexistence

What should the public DNS be set up as for Exchange 2007/2013 coexistence? I may be overthinking this, but do I adjust my firewall to point the existing IP to my EXCH2013? I'm confused at this point. I'm not sure how the additional public IP I set up comes into play. Currently I have mail.domain.com, legacy.domain.com, autodiscover.domain.com pointing to my Exchange 2007 server. I added an IP for newmail.domain.com pointing to Exchange 2013. I don't plan on using the name newmail but wanted it up there so I could have a placeholder. I just don't understand how the new IP would come into play. I would think I just adjust my firewall to point to my 2013 server.

Example of my public DNS:
mail.domain.com - 66.67.68.1
legacy.domain.com - 66.67.68.1
autodiscover.domain.com - 66.67.68.1
newmail.domain.com - 66.67.68.2

New setup?
mail.domain.com - 66.67.68.2
legacy.domain.com - 66.67.68.1
autodiscover.domain.com - 66.67.68.2
???
Zee (IT Manager) asked:

Jose Gabriel Ortega Castro (EE Rookie/Solution Guide/Topic Advisor and CEO Faru Bonon IT) commented:
Hi Zee.
Well, you have your Exchange Server 2013, that's the latest version of Exchange Server.

So you already installed it, so just configure it.

So all your entry points should be pointed to your latest version of Exchange as a general rule.

So don't overthink and the Coexistence of the Exchange will take care of the communication between them.

https://secureinfra.blog/2013/07/25/part-1-step-by-step-exchange-2007-to-2013-migration/

So...
If you don't plan to use newmail.domain.com...
you'd need to adjust the internal URLs on 2007 to match (legacy.domain.com)
and use on your Exchange Server 2013 the one that you want to use as final.
Mahesh (Architect) commented:
Point mail.domain.com and autodiscover.domain.com to Exchange 2013 internally and externally - 1st public IP
Point legacy URL to 2007 internally and externally - 2nd public IP
Exchange 2013 redirects traffic to the 2007 URL (legacy) when the mailbox is on the 2007 server
MAS (EE Solution Guide - Technical Dept Head) commented:
Here is a detailed article from Microsoft Technet.
https://blogs.technet.microsoft.com/meamcs/2013/07/25/part-1-step-by-step-exchange-2007-to-2013-migration/
http://msexchangeguru.com/2013/05/10/exchange2013-migration/

You can use this to configure your Exchange 2013 URLs and certificate.
https://www.experts-exchange.com/articles/29662/Exchange-2013-Fix-for-an-Invalid-certificate-and-related-issues.html

Use this to generate the command for the CSR. Refer to the above article for the name requirements.
https://www.experts-exchange.com/articles/28662/Easy-CSR-creation-Exchange-2007-2010-and-2013.html

As commented above, after configuring all these, point the common name and autodiscover to 2013.

Zee (IT Manager, Author) commented:
Thank you Jose, but I've already used that article to do my installation along with various other sites. I'm all set with everything except for the cert and external DNS.
Zee (IT Manager, Author) commented:
Mahesh, thank you for this info.  I'm sorry if you answered this in your comment but should I change my newmail.domain.com to the mail.domain.com IP address?  Then set legacy.domain.com to the IP I set for newmail and then adjust my firewall?
Zee (IT Manager, Author) commented:
MAS, thank you. I've seen both of the first 2 articles and already have my URLs all set up. All I need is to understand/set up my external IPs. I'm lost as to how the new external IP comes into play. I'm beginning to think I just adjust my firewall and set legacy to newmail.domain.com IP.
Zee (IT Manager, Author) commented:
Ok, so I just adjusted my public DNS.

mail.domain.com > Exchange 13
autodiscover.domain.com > Exchange 13
legacy.domain.com > Exchange 07

I thought it would be easier to go at this from the firewall route but may be overthinking it.  So I went the public DNS route...
MAS (EE Solution Guide - Technical Dept Head) commented:
Above is correct.
1. Configure legacy.domain.com URLs in Exchange 2007.
2. Point your legacy.domain.com to Exchange 2007 (internal DNS and external DNS).
3. Point your mail.domain.com (common name) to Exchange 2013 (internal DNS and external DNS).
4. Point your autodiscover.domain.com (common name) to Exchange 2013 (internal DNS and external DNS).
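
One way to check steps 2 to 4 after the DNS change, as an added example that is not part of the original thread. It assumes the sample addresses from the question (66.67.68.2 for Exchange 2013, 66.67.68.1 for Exchange 2007); the function name `Test-CoexistenceDns`, the resolver 8.8.8.8 and the internal placeholders are illustrative.

```powershell
# Added example, not from the thread. Addresses are the sample values in the question:
# 66.67.68.2 = Exchange 2013, 66.67.68.1 = Exchange 2007.
$ExternalExpected = [ordered]@{
    'mail.domain.com'         = '66.67.68.2'
    'autodiscover.domain.com' = '66.67.68.2'
    'legacy.domain.com'       = '66.67.68.1'
}

function Test-CoexistenceDns {
    param(
        # Name -> expected A record for one DNS view (external or internal).
        [Parameter(Mandatory)] [System.Collections.IDictionary] $Expected,
        # Resolver that represents that view.
        [Parameter(Mandatory)] [string] $Server
    )
    foreach ($name in $Expected.Keys) {
        try {
            # -DnsOnly skips LLMNR/NetBIOS so only the DNS answer is compared.
            $answers = @(Resolve-DnsName -Name $name -Type A -Server $Server -DnsOnly -ErrorAction Stop |
                Where-Object { $_.Type -eq 'A' } |
                ForEach-Object { $_.IPAddress })
        } catch {
            $answers = @()   # NXDOMAIN, timeout or refused: reported as a mismatch
        }
        [pscustomobject]@{
            Name     = $name
            Server   = $Server
            Expected = $Expected[$name]
            Actual   = ($answers -join ', ')
            # A stray second A record would send some clients to the wrong server.
            Ok       = ($answers.Count -eq 1 -and $answers[0] -eq $Expected[$name])
        }
    }
}

# External view, queried through a public resolver (assumption: 8.8.8.8 is reachable).
Test-CoexistenceDns -Expected $ExternalExpected -Server '8.8.8.8' | Format-Table -AutoSize

# Internal view: fill in your own values (placeholders, not from the thread).
# $InternalExpected = [ordered]@{
#     'mail.domain.com'         = '<Exchange 2013 internal IP>'
#     'autodiscover.domain.com' = '<Exchange 2013 internal IP>'
#     'legacy.domain.com'       = '<Exchange 2007 internal IP>'
# }
# Test-CoexistenceDns -Expected $InternalExpected -Server '<internal DNS server>'
```

A resolver can keep returning the old address until the record's TTL expires, so a mismatch right after the change may only reflect caching.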

Zee (IT Manager, Author) commented:
Thank you for confirming MAS.  Thank you all for responding so quickly.  I just tested my changes and I am all set.
MAS (EE Solution Guide - Technical Dept Head) commented:
Glad to know we could help. :))
Zee (IT Manager, Author) commented:
After my changes mail was getting stuck in my 2013 queue. Turns out I had to create a receive connector to allow the internal relaying to happen. Not sure how I missed that but I'm not seeing it in the steps outlined by Microsoft for 2013/2007 coexistence.

https://community.spiceworks.com/topic/1923259-internal-mail-flow-getting-stuck-in-queue-exchange-2013-and-2007-coexistence
https://docs.microsoft.com/en-us/Exchange/mail-flow/connectors/allow-anonymous-relay?view=exchserver-2019

In case anyone else runs into this problem.  I'm all set now with the 2 servers running and mail flowing.  Time to relax and BBQ, lol.