• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Please correct me

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Installation >> Please correct me Page: [1]
Login
Message << Older Topic   Newer Topic >>
Please correct me - 19.Jul.2007 4:05:21 AM   
goharkhan

 

Posts: 81
Joined: 5.Jul.2007
Status: offline
Dear all,

Please correct me if i am rong:I have install the exchange server front end backend setup,i can send internet emails but cant recieve emails.My setup is as follow:

I have two exchange servers both in local subnet one is front end and other is back end, I have a netscreen firewall which connect me to internet.I have open all ports from outside toward the fornt end exchange server, i also registered the MX and A record against the puplic IP (which is providing me internet and is connected with the untrusted interface of firewall) BUT still i cant recieve the internet emails.

Now i have some questions:
1.My MX record is register like mail.mycompany.com BUT my front end exchange is has local IP and dont know any thing about mail.mycompany.com(however i have forwarded all traffice from mail.mycompany.com toward the local IP of exchange) will it work??
2.What should i do for making Local users to access exchange on the same URL(mail.mycompany.com) as MX record? in case they are out side the LAN they can access exchange without any problem through internet.currently i m accessig my exchange like http:\\exchangeserver\exchange
3.Do i need any changes in my internal DNS for making this setup to work??
I have internal DNS for active directory enviroment and is configured to farward all requests to DNS of ISP other then my own domain.

Thanks alot






Post #: 1
RE: Please correct me - 19.Jul.2007 5:30:07 AM   
ahanbali

 

Posts: 234
Joined: 26.Aug.2006
Status: offline
1.My MX record is register like mail.mycompany.com BUT my front end exchange is has local IP and dont know any thing about mail.mycompany.com(however i have forwarded all traffice from mail.mycompany.com toward the local IP of exchange) will it work??

You need also to configure Recipient policy to set @mycompany.com fro your users.
 
2.What should i do for making Local users to access exchange on the same URL(mail.mycompany.com) as MX record? in case they are out side the LAN they can access exchange without any problem through internet.currently i m accessig my exchange like http:\\exchangeserver\exchange
 
You need to pulish your mail server webinterfase "Outlook web access" on your firewall. and you may publish RPC Over HTTP to access your mail
 
3.Do i need any changes in my internal DNS for making this setup to work??
I have internal DNS for active directory enviroment and is configured to farward all requests to DNS of ISP other then my own domain.

 
In your case no you dont

_____________________________

Abdelrahim I. Al-Hanbali
www.micromissions.com

(in reply to goharkhan)
Post #: 2
RE: Please correct me - 19.Jul.2007 5:47:58 AM   
goharkhan

 

Posts: 81
Joined: 5.Jul.2007
Status: offline
Thanks ahanbali!

I am not so expert in exchange and it is my first time i am configuring.Could you please tell me step by step how to do it:

1.You need also to configure Recipient policy to set @mycompany.com fro your users.

2.You need to pulish your mail server webinterfase "Outlook web access" on your firewall. and you may publish RPC Over HTTP to access your mail

I will be very thank ful to you if help me solve this problem

(in reply to ahanbali)
Post #: 3
RE: Please correct me - 19.Jul.2007 9:30:54 AM   
ahanbali

 

Posts: 234
Joined: 26.Aug.2006
Status: offline
you may refer to this article http://www.msexchange.org/tutorials/Shared_Hosting_Exchange_2003_Part1.html it will help you creating recipient policy.

regarding the second step it is simple only you need to forward web traffic for your mail domain to your mail server

dont forget to secure it by SSL connection
http://www.isaserver.org/articles/2004owapub.html


_____________________________

Abdelrahim I. Al-Hanbali
www.micromissions.com

(in reply to goharkhan)
Post #: 4
RE: Please correct me - 21.Jul.2007 1:45:04 AM   
goharkhan

 

Posts: 81
Joined: 5.Jul.2007
Status: offline
Hi,

My inernal Domain name and the domain i have registered is the same i.e internal domain is  like mycompany.gov.af and the and the registered MX record and A record is mail.mycompany.gov.af.So i think i am ready done.

Now when i peng the mail.mycompant.gov.af it gives me the IP address of the untrusted inerface of my firewall.but when i put this URL(mail.mycompany.gov.af)  in the internet explorer it doesn't find any thing and go live search for this domian.

and also i still cant receive internet emails.I have forwarded all port from internet toward my front end exchange server.I will configure SSL later once it start working in defaul setup
Update:
Now when i put mail.mycompany.gov.af  it says the page could not be displayed instead of saying the domain not exist.Now what should i do that my firewall understand that mail.mycompany.gov.af (which is register the IP of  firewall puplic IP) traffice belongs to my internal domain which has private IP.I have configured my firewall as sourse address any--distination adress(exchange front end)---serverice any allowed.also source address mail2.mycompany.gov.af ----distination(exchange front  end server) traffice any allowed.But still not working.

Any idea.

< Message edited by goharkhan -- 21.Jul.2007 4:07:03 AM >

(in reply to ahanbali)
Post #: 5
RE: Please correct me - 21.Jul.2007 3:01:44 AM   
ahanbali

 

Posts: 234
Joined: 26.Aug.2006
Status: offline
telnet mail.mycompany.gov.af 25
and follow up to check its configuration validity
by:
helo
mail from: test@test.com
.
rcpt to: test@mycompany.gov.af

cupture the screen and post it here

_____________________________

Abdelrahim I. Al-Hanbali
www.micromissions.com

(in reply to goharkhan)
Post #: 6
RE: Please correct me - 21.Jul.2007 5:22:33 AM   
goharkhan

 

Posts: 81
Joined: 5.Jul.2007
Status: offline
Hi,

I tried teleneting but it does not work, it says that could not open connection to the host on port 25 connection failed.I also tried on port 23 but not working.

any idea

(in reply to ahanbali)
Post #: 7
RE: Please correct me - 21.Jul.2007 7:10:40 AM   
ahanbali

 

Posts: 234
Joined: 26.Aug.2006
Status: offline
This indicate that you have misconfigration on your firewall.

please make sure that your firewall allow traffic on port 25 to forwarded to your exchange server.
and make sure that you have port 25 opened to the internet over through your firewall.

_____________________________

Abdelrahim I. Al-Hanbali
www.micromissions.com

(in reply to goharkhan)
Post #: 8
RE: Please correct me - 21.Jul.2007 8:15:10 AM   
goharkhan

 

Posts: 81
Joined: 5.Jul.2007
Status: offline
Hello again,

I did opened all ports, What i did in my netscreen firewall is given below:

Sourcse address(mail2.mcit.gov.af)----distination address(exchange local IP)----service(any and also telnet(25)----action allow.

But the only thing  i am thinking about how will the firewall know that mail2.mcit.gov.af traffice(either telnet or any) belong to exchange local IP.i dont know any other way to open ports it is the only way in netscreen i think soo.However when i do telnet in LAN through private IP it respond and test can be sent.

(in reply to ahanbali)
Post #: 9
RE: Please correct me - 21.Jul.2007 9:00:41 AM   
ahanbali

 

Posts: 234
Joined: 26.Aug.2006
Status: offline
quote:

helo
250 WIN11 Hello [MYIP]
mail from:test@test.com
250 2.1.0 test@test.com....Sender OK
rcpt to:test@mcit.gov.af
550 5.7.1 Unable to relay for test@mcit.gov.af


when I telnet your server, so tis indecate the server cant relay to mcit.gov.af domain, so did you configure recipient policy for this domain, if so, let us know your SMTP server settings

_____________________________

Abdelrahim I. Al-Hanbali
www.micromissions.com

(in reply to goharkhan)
Post #: 10
RE: Please correct me - 22.Jul.2007 12:48:09 AM   
goharkhan

 

Posts: 81
Joined: 5.Jul.2007
Status: offline
Hello,
the SMTP setting for front end server is:
smtp virtual setting is defualt i.e when i right click on the smtp virtual server and go its properties on General Tab it show All unassigned Address, and access tab shows anonymous access, Basic authentication(send password in clear text), and integrated windows access is checked.cetificates option is grayed out , in connection option All except the list below is selected and In the RELAY RESTRICTION Option ONLY THE EMAILS ADDRESS BELOW IS SELECTED and there are no emails address in the list.

IN recipient policy i have two type of address that is SMTP @mcit.gov.af and X400 .............

Note: Our internal domain name and the domain name hosted is the same.We hosted a domain mcit.gov.af and company is provding email services, BUT we have changed the MX record and A record that point to our own pulic IP, BUT we have noticed that our email traffice dont come to our local exchange, becuase when i send email to any one in our exchange it does not recieve however when i send email to someone@mcit.gov.af (who has account in webhosting) email is recieved.

Why is this so

(in reply to ahanbali)
Post #: 11
RE: Please correct me - 22.Jul.2007 5:55:18 AM   
ismail.mohammed

 

Posts: 3018
Joined: 9.May2007
From: India
Status: offline
hi,

For betterr understanding along as per Ali suggestion please look into this url
http://www.christensen-software.com/support/config_exchange_2003.htm

(in reply to goharkhan)
Post #: 12
RE: Please correct me - 24.Jul.2007 8:43:27 PM   
wigneys

 

Posts: 1
Joined: 24.Jul.2007
Status: offline
Hi,

If you're still having the problem, I suggest it might be that you need to create a "MIP" on your netscreen device to point from your external (MX) address to your internal address.  Create the MIP on the untrust interface...

Steve.

(in reply to ismail.mohammed)
Post #: 13
RE: Please correct me - 30.Jul.2007 8:20:27 AM   
goharkhan

 

Posts: 81
Joined: 5.Jul.2007
Status: offline
Hi,

I MIP my external MX Record IP(that is the ip of my firewall also as told before) but still does not work.

note:MX record connot be mapped becuase only IPs can be mapped not names.

Now i am thinking about changing my plan i think the front end back end will never work.I want to have only one exchange server haveing two NICs one connected to LAN and other Internet, well this work?? and is this  a good setup.??

Thanks

(in reply to wigneys)
Post #: 14
RE: Please correct me - 1.Aug.2007 1:57:02 AM   
goharkhan

 

Posts: 81
Joined: 5.Jul.2007
Status: offline
Hi evry body,

I thinking haveing one server with multiple NICs is a good idea, thats y no one responding to my question.So i think i should go for it.Any one can give me some information about configuring exchange on dual NIC server??

Thanks

(in reply to goharkhan)
Post #: 15

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Installation >> Please correct me Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter