DNS problem in remote site
-
Sunday, January 27, 2013 9:24 AMhi ,I have an issue that I could use some help with.
Our company has a main location and a remote location. Previously, the remote location was connected to the main location through an internet connection VPN tunnel. we have an exchnage 2010sp1 in main office. we plan to join all users in remote site to our domain. to be able to join domain in main office, we change primary dns in clients machine to dns located in main office. all machine joined our domain without any problem. but all users couldn't connect to mail. when we check the problem we found users resolve an internal ip address. when we add extrenal in primary dns and main office dns in alternative dns, mail working fine but all users couldn't connect to our domain. we need any help to resolve our issue whitout create any DC or DNS server in remote site? thanks for your fast support and help
Mohamed Farid Senior System Administrator
All Replies
-
Sunday, January 27, 2013 9:59 AMcan you be a bit more specific on how users in the remote site couldnt connect to mail? the dns configuration seemed to be fine as you could join the domain over the vpn tunnel. is there a firewall for the vpn connection? what error do you see when connecting mail (error while opening outlook, while sending mail)? what method do you use? can users access outlook web access? can you connect with telnet on port 25 to the mailserver from the remote site?
-
Sunday, January 27, 2013 11:14 AM
users in remote site join domain through VPN tunnel when we add in client network connection the primary ip address in main office. when users try to access outlook or web fail because we didn't open any exchange ports from remote site firewall
Mohamed Farid Senior System Administrator
-
Sunday, January 27, 2013 11:52 AMtake a look at the following document to check required ports for exchange server access http://technet.microsoft.com/en-us/library/bb331973(v=exchg.141).aspx
-
Sunday, January 27, 2013 12:27 PM
thanks for your support. but i don't need to access mail through vpn tunnel. i need to access it from internet
Mohamed Farid Senior System Administrator
-
Sunday, January 27, 2013 7:03 PM
You need to deploy outlook anywhere (rpc-over-http). For this you will need to purchase a trusted public certificate.
http://exchangeserverpro.com/how-to-configure-exchange-server-2010-outlook-anywhere
If you want you can enable external imap access but try to avoid this or at least use secured ports like 993,465,587 and make sure you use a smart host or an edge server so you don't have an open relay.http://technet.microsoft.com/en-us/library/bb125159(v=exchg.141).aspx
http://technet.microsoft.com/en-us/library/bb331973(v=exchg.141).aspx - Exchange Port reference
Also you can get better information about Exchange on the Exchange 2010 forums: http://social.technet.microsoft.com/Forums/en/exchange2010/threads
- Proposed As Answer by Yagmoth555 Monday, January 28, 2013 2:55 AM
- Marked As Answer by Cheers ZHANGMicrosoft Contingent Staff, Moderator Monday, February 04, 2013 9:06 AM
.png)
