Please correct me (Full Version)

All Forums >> [Microsoft Exchange 2003] >> Installation



Message


goharkhan -> Please correct me (19.Jul.2007 4:05:21 AM)

Dear all,

Please correct me if i am rong:I have install the exchange server front end backend setup,i can send internet emails but cant recieve emails.My setup is as follow:

I have two exchange servers both in local subnet one is front end and other is back end, I have a netscreen firewall which connect me to internet.I have open all ports from outside toward the fornt end exchange server, i also registered the MX and A record against the puplic IP (which is providing me internet and is connected with the untrusted interface of firewall) BUT still i cant recieve the internet emails.

Now i have some questions:
1.My MX record is register like mail.mycompany.com BUT my front end exchange is has local IP and dont know any thing about mail.mycompany.com(however i have forwarded all traffice from mail.mycompany.com toward the local IP of exchange) will it work??
2.What should i do for making Local users to access exchange on the same URL(mail.mycompany.com) as MX record? in case they are out side the LAN they can access exchange without any problem through internet.currently i m accessig my exchange like http:\\exchangeserver\exchange
3.Do i need any changes in my internal DNS for making this setup to work??
I have internal DNS for active directory enviroment and is configured to farward all requests to DNS of ISP other then my own domain.

Thanks alot










ahanbali -> RE: Please correct me (19.Jul.2007 5:30:07 AM)

1.My MX record is register like mail.mycompany.com BUT my front end exchange is has local IP and dont know any thing about mail.mycompany.com(however i have forwarded all traffice from mail.mycompany.com toward the local IP of exchange) will it work??

You need also to configure Recipient policy to set @mycompany.com fro your users.
 
2.What should i do for making Local users to access exchange on the same URL(mail.mycompany.com) as MX record? in case they are out side the LAN they can access exchange without any problem through internet.currently i m accessig my exchange like http:\\exchangeserver\exchange
 
You need to pulish your mail server webinterfase "Outlook web access" on your firewall. and you may publish RPC Over HTTP to access your mail
 
3.Do i need any changes in my internal DNS for making this setup to work??
I have internal DNS for active directory enviroment and is configured to farward all requests to DNS of ISP other then my own domain.

 
In your case no you dont




goharkhan -> RE: Please correct me (19.Jul.2007 5:47:58 AM)

Thanks ahanbali!

I am not so expert in exchange and it is my first time i am configuring.Could you please tell me step by step how to do it:

1.You need also to configure Recipient policy to set @mycompany.com fro your users.

2.You need to pulish your mail server webinterfase "Outlook web access" on your firewall. and you may publish RPC Over HTTP to access your mail

I will be very thank ful to you if help me solve this problem




ahanbali -> RE: Please correct me (19.Jul.2007 9:30:54 AM)

you may refer to this article http://www.msexchange.org/tutorials/Shared_Hosting_Exchange_2003_Part1.html it will help you creating recipient policy.

regarding the second step it is simple only you need to forward web traffic for your mail domain to your mail server

dont forget to secure it by SSL connection
http://www.isaserver.org/articles/2004owapub.html




goharkhan -> RE: Please correct me (21.Jul.2007 1:45:04 AM)

Hi,

My inernal Domain name and the domain i have registered is the same i.e internal domain is  like mycompany.gov.af and the and the registered MX record and A record is mail.mycompany.gov.af.So i think i am ready done.

Now when i peng the mail.mycompant.gov.af it gives me the IP address of the untrusted inerface of my firewall.but when i put this URL(mail.mycompany.gov.af)  in the internet explorer it doesn't find any thing and go live search for this domian.

and also i still cant receive internet emails.I have forwarded all port from internet toward my front end exchange server.I will configure SSL later once it start working in defaul setup
Update:
Now when i put mail.mycompany.gov.af  it says the page could not be displayed instead of saying the domain not exist.Now what should i do that my firewall understand that mail.mycompany.gov.af (which is register the IP of  firewall puplic IP) traffice belongs to my internal domain which has private IP.I have configured my firewall as sourse address any--distination adress(exchange front end)---serverice any allowed.also source address mail2.mycompany.gov.af ----distination(exchange front  end server) traffice any allowed.But still not working.

Any idea.




ahanbali -> RE: Please correct me (21.Jul.2007 3:01:44 AM)

telnet mail.mycompany.gov.af 25
and follow up to check its configuration validity
by:
helo
mail from: test@test.com
.
rcpt to: test@mycompany.gov.af

cupture the screen and post it here




goharkhan -> RE: Please correct me (21.Jul.2007 5:22:33 AM)

Hi,

I tried teleneting but it does not work, it says that could not open connection to the host on port 25 connection failed.I also tried on port 23 but not working.

any idea




ahanbali -> RE: Please correct me (21.Jul.2007 7:10:40 AM)

This indicate that you have misconfigration on your firewall.

please make sure that your firewall allow traffic on port 25 to forwarded to your exchange server.
and make sure that you have port 25 opened to the internet over through your firewall.




goharkhan -> RE: Please correct me (21.Jul.2007 8:15:10 AM)

Hello again,

I did opened all ports, What i did in my netscreen firewall is given below:

Sourcse address(mail2.mcit.gov.af)----distination address(exchange local IP)----service(any and also telnet(25)----action allow.

But the only thing  i am thinking about how will the firewall know that mail2.mcit.gov.af traffice(either telnet or any) belong to exchange local IP.i dont know any other way to open ports it is the only way in netscreen i think soo.However when i do telnet in LAN through private IP it respond and test can be sent.




ahanbali -> RE: Please correct me (21.Jul.2007 9:00:41 AM)

quote:

helo
250 WIN11 Hello [MYIP]
mail from:test@test.com
250 2.1.0 test@test.com....Sender OK
rcpt to:test@mcit.gov.af
550 5.7.1 Unable to relay for test@mcit.gov.af


when I telnet your server, so tis indecate the server cant relay to mcit.gov.af domain, so did you configure recipient policy for this domain, if so, let us know your SMTP server settings




goharkhan -> RE: Please correct me (22.Jul.2007 12:48:09 AM)

Hello,
the SMTP setting for front end server is:
smtp virtual setting is defualt i.e when i right click on the smtp virtual server and go its properties on General Tab it show All unassigned Address, and access tab shows anonymous access, Basic authentication(send password in clear text), and integrated windows access is checked.cetificates option is grayed out , in connection option All except the list below is selected and In the RELAY RESTRICTION Option ONLY THE EMAILS ADDRESS BELOW IS SELECTED and there are no emails address in the list.

IN recipient policy i have two type of address that is SMTP @mcit.gov.af and X400 .............

Note: Our internal domain name and the domain name hosted is the same.We hosted a domain mcit.gov.af and company is provding email services, BUT we have changed the MX record and A record that point to our own pulic IP, BUT we have noticed that our email traffice dont come to our local exchange, becuase when i send email to any one in our exchange it does not recieve however when i send email to someone@mcit.gov.af (who has account in webhosting) email is recieved.

Why is this so




ismail.mohammed -> RE: Please correct me (22.Jul.2007 5:55:18 AM)

hi,

For betterr understanding along as per Ali suggestion please look into this url
http://www.christensen-software.com/support/config_exchange_2003.htm




wigneys -> RE: Please correct me (24.Jul.2007 8:43:27 PM)

Hi,

If you're still having the problem, I suggest it might be that you need to create a "MIP" on your netscreen device to point from your external (MX) address to your internal address.  Create the MIP on the untrust interface...

Steve.




goharkhan -> RE: Please correct me (30.Jul.2007 8:20:27 AM)

Hi,

I MIP my external MX Record IP(that is the ip of my firewall also as told before) but still does not work.

note:MX record connot be mapped becuase only IPs can be mapped not names.

Now i am thinking about changing my plan i think the front end back end will never work.I want to have only one exchange server haveing two NICs one connected to LAN and other Internet, well this work?? and is this  a good setup.??

Thanks




goharkhan -> RE: Please correct me (1.Aug.2007 1:57:02 AM)

Hi evry body,

I thinking haveing one server with multiple NICs is a good idea, thats y no one responding to my question.So i think i should go for it.Any one can give me some information about configuring exchange on dual NIC server??

Thanks




Page: [1]