
More fun with Exchange has been had. Firstly, by default Exchange is configured for internal .local domain mail only, so you need to add a new domain under Organization Configuration -> Hub Transport -> Accepted Domains. Then add a new Policy to make that external mail address the default. This will enable the server to receive mail for this external domain.
But the fun doesn’t stop there. You now need to add a Send Connector: even though you are not relaying through an ISP, you still need to tell it to route mail via MX requests from DNS records. This is a given in SBS, so I found it confusing at first, but given the “Edge Server” that Microsoft try to push, it begins to make sense.
Now my server is set up, and when I try to send a test email I get this error: “530 5.7.1 Client was not authenticated Connection closed by foreign host”. This error is again down to Exchange 2010 expecting to see a transport server from the edge, and not a user’s mail server trying to deliver directly to Exchange. The workaround for this will make your server accept mail from all servers, but once you have your “Accepted Domains” in the section above listed correctly it will not be a problem. For quick ease, this is the command:

Set-ReceiveConnector -Identity "Default <servername>" -PermissionGroups "AnonymousUsers"
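A check to run around that change, as an added example that is not part of the original post: `-PermissionGroups` replaces the connector's whole list, so this keeps the existing groups, adds AnonymousUsers, and then confirms that anonymous senders have not been granted the relay right. It assumes the connector is named "Default <servername>" as above and that the shell runs on that server.

```powershell
# Added example: run in the Exchange Management Shell on the Exchange 2010 server.
# Assumption: the connector is named "Default <servername>" as in the post and
# the shell runs on that server, so COMPUTERNAME fills in <servername>.
$Name      = "Default $env:COMPUTERNAME"
$Connector = Get-ReceiveConnector -Identity $Name

# PermissionGroups prints as "A, B, C"; split the string so this works with
# both local and remoted (deserialized) objects.
$Groups = "$($Connector.PermissionGroups)" -split '\s*,\s*' |
    Where-Object { $_ -and $_ -ne 'None' }
"Current permission groups: $($Groups -join ', ')"

# -PermissionGroups overwrites the list, so pass the existing groups
# together with AnonymousUsers rather than AnonymousUsers alone.
if ($Groups -notcontains 'AnonymousUsers') {
    $NewGroups = (@($Groups) + 'AnonymousUsers') -join ','
    Set-ReceiveConnector -Identity $Name -PermissionGroups $NewGroups
}

# Anonymous submission and relay are separate rights. Without
# ms-Exch-SMTP-Accept-Any-Recipient, anonymous senders can only deliver to
# recipients in the accepted domains.
$RelayRight = 'ms-Exch-SMTP-Accept-Any-Recipient'
$Relay = $Connector |
    Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
    Where-Object { -not $_.Deny -and ($_.ExtendedRights -like $RelayRight) }

if ($Relay) {
    Write-Warning "Anonymous senders hold $RelayRight on '$Name': open relay."
} else {
    "Anonymous senders can only deliver to accepted domains on '$Name'."
}

# The domains this server accepts mail for.
Get-AcceptedDomain | Format-Table Name, DomainName, DomainType, Default -AutoSize
```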
Another snag in the remote mail setup: the self-assigned certificate isn’t being accepted by Outlook. I had gotten a free SSL certificate when I purchased my domain personatechsystems.com as my testing domain. The good folk at www.namecheap.com supplied me with a “Positive SSL” certificate.
Importing/exporting is explained here: http://www.digicert.com/ssl-support/pfx-import-export-iis-7.htm
Certificate installed, and I still cannot add an Exchange mail account to Outlook 2010 with mail over HTTPS selected. I would have hoped that Microsoft had resolved this “issue” so that fully remote users would not need to use a VPN to set up the mailbox initially. However, the need for a VPN brings me to installing Routing and Remote Access for a VPN. Guide source: http://www.microsoft.com/downloads/details.aspx?FamilyID=7E973087-3D2D-4CAC-ABDF-CC7BDE298847&displaylang=en. In Server 2008 R2, Routing and Remote Access is installed via the Network Policy and Access Services (NPAS) role. Configuring this is the same as in Server 2003; although it does require 2 NICs, choosing a custom install will get around this. Do NOT use 2 NICs, as it will install the server as a router, which is not what we want.
My progress on this was hindered today due to a migration of data from an old Server 2000 box in work to my new DFS. More tomorrow.
2010 · Exchange · Office · Routing · VPN
