• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Exchange 2007 muli homed route problem

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2007] >> Message Routing >> Exchange 2007 muli homed route problem Page: [1]
Login
Message << Older Topic   Newer Topic >>
Exchange 2007 muli homed route problem - 13.Mar.2009 3:08:28 PM   
lcsgeek

 

Posts: 47
Joined: 15.Jul.2005
From: MI, USA
Status: offline
My exchange 2007 box is muli homed with one leg pointing to he private lan and one pointing to our DMZ.  We have a barracuda spam filter we're using as a smtp gateway which sits on the DMZ.  I've keyed in the barracuda's ip address (since it's on the DMZ it has a public address) as a smart host in my send connector, however on the source server tab it's pulling our private lan information from AD sites and services.  So my Internet mail is routing across our private lan to our firewall and then back into the DMZ to the barracuda and then out the barracuda to the internet.  Is there a way I can configure the send connector to stop using AD sites and services and use the DMZ leg of the Exchange 2007 box which isn't registerd in AD sites and services?
Post #: 1
RE: Exchange 2007 muli homed route problem - 13.Mar.2009 3:27:09 PM   
mark@mvps.org

 

Posts: 6811
Joined: 9.Jun.2004
From: Philadelphia PA
Status: offline
What you currently have is not, as you've written it, a supported configuration. Your Exchange server does not need two network cards, just for the DMZ to be configured correctly, if it isn't already.
Rather than fix what you have I would suggest you just fixed the configuration which would take your problem away.

_____________________________

Mark Arnold (Exchange MVP)
List Moderator

(in reply to lcsgeek)
Post #: 2
RE: Exchange 2007 muli homed route problem - 13.Mar.2009 4:17:19 PM   
lcsgeek

 

Posts: 47
Joined: 15.Jul.2005
From: MI, USA
Status: offline
Let me try again because my configuration is nothing out of the ordinary.

The Exchange Server 2007 (ES07) (which by the way is replacing an ES03 that has the exact same interfaces) has a network interface connected to the private LAN for internal mail and another interface connected to the DMZ for Internet bound emial routing.  This configuration has worked for 3 years using the ES03, I find it hard to believe that by upgrading to ES07 that this configuration isn't supported.

All ES07 server roles are running on the same physical box and idealy I want all inbound and outbound Internet mail to traverse my barracuda spam filter on the DMZ.  I don't want or need any internal mail traversing the barracuda.

Right now it looks to me like the ES07 is routing mail out my 10.0.0.1 router to get to my 208.191.173.120 barracuda device when all it really needs to do to contact the barracuda is to send messages out via its DMZ pointing interface.

How do I accomplish this when my DMZ isn't defined in AD Sites and Services and I have no way of defining it in AD Sites and Services since there aren't any Domain Controlers on that segment?

(in reply to mark@mvps.org)
Post #: 3
RE: Exchange 2007 muli homed route problem - 13.Mar.2009 4:53:29 PM   
mark@mvps.org

 

Posts: 6811
Joined: 9.Jun.2004
From: Philadelphia PA
Status: offline
OK. Sorry. No. The configuration is out of the ordinary, is not supported and is, in fact, wrong. The fact that the 2003 box was also like that only removes the word suported from my previous. It is not supported because your CAS becomes "in" the DMZ regardless of whether you're using it as a CAS through that interface. Really sir, you are just wrong to configure your network in such a way. It was bad and wrong in 2003 and it's no better in 2007. What's more, it's unecessarily complex for you to do it this way.

Do this.
One network card only. One.
One default gateway.
On your send connector you enter the IP address of the the barracuda box as the smarthost. All mail will then go to that box and be processed as per your desire. That is perfectly ordinary and a jolly good solution.
Inbound mail is received and processed on the B and forwarded to Exchange. The B knows the address of Exchange because you told it and it knows the route because you also told it the gateway.

And if you look between the lines of the previous paragraphs you will actually have seen the answer to the configuration you want. Hint. If you have an interface with a 208. network address and a B box with a 208 address and if you then create a send connector routing email to a smarthost that has a 208 address you will then.... there you go, you got it now.

Seriously though, the configuration is bad, unecessary, overly complex, less secure and - should you call for support - not supported. Not that you'd call for support on the CAS component but still, that's the way it is.

_____________________________

Mark Arnold (Exchange MVP)
List Moderator

(in reply to lcsgeek)
Post #: 4
RE: Exchange 2007 muli homed route problem - 13.Mar.2009 6:51:20 PM   
lcsgeek

 

Posts: 47
Joined: 15.Jul.2005
From: MI, USA
Status: offline
Mr. Wrong here responding to anyone else who might have this trouble.  Just got off the phone with Microsoft and found that I mistakenly added my smtp gateway address as a smarthost on my STMP virtual server on the E2K3 box.  Once I corrected that everything started routing just fine.

(in reply to lcsgeek)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2007] >> Message Routing >> Exchange 2007 muli homed route problem Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter