Office365 unable to telnet from Windows 2012R2 server

    Question

  • Hi there,

    I have an issue with telnet. I have the internal domain fulcrumglobal.net, and from a Server 2012R2 server I am trying telnet smtp.office365.com 587, but the error shows "could not open connection to the host....." I have opened port 587 in the firewall exceptions. But when I add smtp.office365.com and its IP to the local file C:\Windows\System32\drivers\etc\hosts, telnet works for this address. I am trying to do the same thing on the DNS server: I created a separate domain office365.com and added an A record with the same IP as smtp.office365.com, but telnet does not work.

    Please let me know how I can make this work.

    Regards,

    Gourish M

    Thursday, December 22, 2016 8:27 AM

All replies

  • Hi,

    I believe there is some problem with your DNS system.
    You should check the default name resolution on your server:
    just enter nslookup smtp.office365.com in cmd and check that your DNS server returns the correct IP address.
    If your DNS fails to resolve this name, you should check the forwarders to external DNS or the root hints.
    Thursday, December 22, 2016 9:31 AM
  • Hi,

    But on domain clients there is no issue. If I perform nslookup, the details shown below are returned, which I have configured in the new zone.

    Name:    smtp.office365.com
    Address:  40.97.162.162

    My default internal AD domain is fulcrumglobal.net, so I cannot create the A record because Office365 is a different domain. Please suggest how I can solve this issue on the DNS side.

    Also, please let me know how to check the forwarders to external DNS, since I'm new to DNS.

    Thursday, December 22, 2016 9:48 AM
  • Did you perform nslookup on the server?

    You shouldn't create a zone or record in your internal DNS, because your server is not authoritative for this zone.
    You can create a forwarder, which will relay all requests that your internal DNS cannot resolve to an external DNS (your ISP's DNS or another).
    Here is an article: Configure a DNS Server to Use Forwarders
    Thursday, December 22, 2016 10:25 AM
  • The forwarder resolves the smtp.office365.com IP if I add the same IP to the hosts file. The forwarder does not resolve the IP if I remove it from the hosts file. My DNS server's preferred DNS IP is a global IP.

    When I perform nslookup from the server, smtp.office365.com is not resolving.

    I suspect the firewall; please suggest if there is any other way to check this.

    Thank you in advance.

    Thursday, December 22, 2016 1:25 PM
  • You can open port 53 on your firewall.
    Or you can change the primary DNS to internal, and check whether the internal DNS is able to resolve your request.
    • Marked as answer by Gourish.M Friday, December 23, 2016 5:10 AM
    Thursday, December 22, 2016 2:05 PM
  • Hi, good morning!

    I have opened port 53 in the server's Windows Firewall and removed the entry from the hosts file. I performed telnet from the server to smtp.office365.com and it is working fine.

    But in some forums it says port 53 is used by many malware and trojans to enter the network? If I open port 53, will there be a threat to my network? Please let me know.

    Regards,

    Gourish

    http://www.speedguide.net/port.php?port=53 
    Friday, December 23, 2016 5:17 AM
  • In general, best practice is to configure external forwarding/root hints on the internal DNS, and use them for external name resolution. All domain-joined workstations and servers should use the internal DNS.
    Please check these articles related to DNS forwarding:
    Best Practices for DNS Forwarding
    DNS Forwarders vs. Root Hints in Windows Server
    • Edited by BearEater Friday, December 23, 2016 5:42 AM
    Friday, December 23, 2016 5:41 AM
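
The checks discussed in this thread, collected as an added PowerShell example (not written by any poster above): it separates a hosts-file answer from a real DNS answer, queries each configured DNS server directly, lists forwarders, and only then tests TCP 587. It assumes Windows Server 2012 R2 or later; the forwarder step runs only where the DnsServer module is installed.

```powershell
# Added example: why telnet worked only with the hosts entry, checked step by step.
$name = 'smtp.office365.com'   # host name from the thread
$port = 587                    # port from the thread

# 1. An active hosts-file entry answers before DNS is asked and hides DNS failures.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$pattern   = '\s' + [regex]::Escape($name) + '(\s|#|$)'
$override  = Get-Content $hostsPath |
    Where-Object { $_ -notmatch '^\s*#' -and $_ -match $pattern }
if ($override) { Write-Warning "hosts file overrides ${name}: $override" }

# 2. DNS servers this machine is configured to query (IPv4 only).
$dnsServers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses | Sort-Object -Unique

# 3. Ask each server directly, ignoring the hosts file and non-DNS name providers.
foreach ($server in $dnsServers) {
    try {
        $answer = Resolve-DnsName -Name $name -Type A -Server $server `
                      -DnsOnly -NoHostsFile -ErrorAction Stop
        $ips = ($answer | Where-Object { $_.Type -eq 'A' }).IPAddress -join ', '
        Write-Output "$server resolves $name to $ips"
    } catch {
        Write-Warning "$server failed to resolve ${name}: $($_.Exception.Message)"
    }
}

# 4. On the internal DNS server itself: show where unresolved queries are forwarded.
if (Get-Command Get-DnsServerForwarder -ErrorAction SilentlyContinue) {
    Get-DnsServerForwarder | Select-Object IPAddress, UseRootHint, Timeout
}

# 5. With DNS confirmed, test TCP reachability of the SMTP port (what telnet was doing).
$result = Test-NetConnection -ComputerName $name -Port $port -WarningAction SilentlyContinue
Write-Output "TCP $port to ${name}: $($result.TcpTestSucceeded) (remote $($result.RemoteAddress))"
```

A warning in step 1 together with failures in step 3 matches the situation described in the thread, where the connection succeeded only while the hosts entry was present.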