Avatar of Simon Walton
Simon Walton asked on

Exchange2010 to 365 in a Hybrid environment.

We are in the process of migrating exchange 2010 to 365 in a Hybrid environment.


We have the following scenarios

- On-Prem Outlook 2010 with a connector to cluster5out.eu.messagelabs.com

- Exchange 365 with the correct remote domains "mail.company.com"


We have tried to set up "centralized mail transport" and have struggled to connect to the on-premise with the following error.


450 4.4.316 Connection refused [Message=Socket error code 10061] [LastAttemptedServerName=mail.matortho.com] [LastAttemptedIP=217.144.149.180:25] [CWLGBR01FT038.eop-gbr01.prod.protection.outlook.com] 


Our understanding is that port 25 is not set up correctly on our FortiGate 100D

We have added the following inbound and outbound IPv4 Policy's


Microsoft-Outlook has a Total IP's of 9055 




We have unsuccessfully created the "centralized mail transport".


We have 2 options continue down the path of trying to find the solution to the 450 4.4.316 Connection refused

or

We look to configure the 365 Connectors to Symantec message lab.

Symantec Message Lab is our prefered configuration once the migration project has been completed.


Help on both options would be very much appreciated


Best Regards


Simon



ExchangeOutlook

Avatar of undefined
Last Comment
M A

8/22/2022 - Mon
M A

Hi Simon,
With centralized mail transport your onprem server should be up and running 24/7.

Are you planning to decommission Exchange server once all moved or keep the server?

--->We have tried to set up "centralized mail transport" and have struggled to connect to the on-premise with the following error.
Did you configure a connector in cloud to received emails from Onprem?

Did you configure internal to external NAT in your Fortinet ?
ASKER
Simon Walton

Hi MAS

We plan to decommission after the migration is complete.

Yes we have setup a cloud connector

Did you configure internal to external NAT in your Fortinet ? No can confirm NAT is Off

Simon
M A

If your NAT is correct and connector is configured with the NAT IP, You should receive the email from your server.
Please check what is your IP. Open site whatismyipaddress.com from server and make sure it is setup correctly. 
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
ASKER
Simon Walton

IP address is correct although the connector has been set up to use mail.company.com when we tried the IP address it failed with TLS  
Outbound Connector settings



M A

ASKER
Simon Walton

we have been working from the above link - the only thing we cannot do is change the MX records as they point to Symantec - Symantec then point to our IP

Maybe we should look at option 2 and have all emails going through Symantec?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER CERTIFIED SOLUTION
Simon Walton

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.