Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Created on ‎01-03-2011 02:57 AM

How to publish Exchange Server in Fortigate

Hello, I configured exchange server behind fortigate ,The OWA is working properly and I can send email but cannot receive any email , I got this error " Sorry, no mailbox here by that name. (#5.1.1)" I just using Virtual IP , is there any special setting I missed ? thanks
13188
0 Kudos
20 REPLIES 20
Not applicable
In response to ede_pfau

Created on ‎01-04-2011 01:29 AM

I tried again to telnet from outside the LAN , I got black screen without any text appeared or error . the telnet is working properly when trying from lan to internal IP of exchange. I tried to tracert & it is complete to the end without any problem Also I can ping the external IP of exchange successfuly
1317
0 Kudos
ede_pfau
SuperUser
SuperUser

Created on ‎01-03-2011 08:06 AM

thanks Maik, I meant telnet to the SMTP port but didn' t write it...still not running at 100%. OWA can work with the same VIP as the VIP is not port-forwarding. Hossam, I completely agree with Maik' s observations. Check the server logs first.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
1317
0 Kudos
discoveryit
New Contributor

Created on ‎01-03-2011 09:30 AM

you should setup your VIP with port 25 forwarded inbound. instead of forwarding the entire range. That allows you to use that IP for other things. Telnet should look like this telnet mail.server.com 25 <tests port 25 not 23.
FCNSP
FCNSP
Preview file
49 KB
1317
0 Kudos
discoveryit
New Contributor

Created on ‎01-03-2011 09:31 AM

Vip Policy
FCNSP
FCNSP
Preview file
40 KB
1317
0 Kudos
Not applicable
In response to discoveryit

Created on ‎01-04-2011 01:46 AM

thank you for your response , I tried to specify the port as you described but the same problem beside in this case I cannot login from outside using OWA
1317
0 Kudos
ede_pfau
SuperUser
SuperUser

Created on ‎01-04-2011 03:44 AM

OWA can work with the same VIP as the VIP is not port-forwarding.
I say it again in other words: OWA cannot work with the same VIP _if_ it is port-forwarding SMTP. If you don' t read the posts then this is fruitless.
tried to tracert & it is complete to the end without any problem Also I can ping the external IP of exchange successfuly
Does that mean you pinged 2 different IPs? Which ones? We are still guessing instead of getting information - I already asked for the IPs 7 posts ago. And again, what do you see in the server logs?
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
1317
0 Kudos
Not applicable
In response to ede_pfau

Created on ‎01-04-2011 04:15 AM

What is wrong with you ? why you are talking to me like this ???? You replied to Maik
OWA can work with the same VIP as the VIP is not port-forwarding.
I replied to discoveryit
I tried to specify the port as you described but the same problem beside in this case I cannot login from outside using OWA.
so what ?????? what is wrong ???? I described to discoveryit that when I I enable port-forwarding OWA didn' t work .
Does that mean you pinged 2 different IPs? Which ones? We are still guessing instead of getting information - I already asked for the IPs 7 posts ago.
I Said I can ping just the external IP , the VIP of exchange server, I don' t sad two IP please check this diagram The VIP = 1.1.1.2 & this the MX record
Preview file
76 KB
1317
0 Kudos
ede_pfau
SuperUser
SuperUser

Created on ‎01-04-2011 04:51 AM

Keep it cool. It' s only a technical issue. All I was saying is that you waste time configuring a port-forwarding VIP. I stated that both SMTP and OWA are working because it is not a port-forwarding VIP, then you tried it and voila OWA stopped working. That was for sure.
I tried to tracert & it is complete to the end without any problem Also I can ping the external IP of exchange successfuly
" Also" makes me believe that you tracerouted to one IP, and pinged to the VIP. If you tracerouted and pinged to the same IP (the VIP) then this doesn' t say much, as both use ICMP. Still it looks like your problem is with the TMG. What do the logs say?
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
1317
0 Kudos
Not applicable
In response to ede_pfau

Created on ‎01-04-2011 06:53 AM

reply
I' ll check the log & post it here , but I noticed strange thing , when I enable the policy that allowed VIP my ip " client computer behind the FW" " on the internet is changed from the real ip of fortigate into the VIP . and when I disable this firewall policy I got the real fortigate ip
1317
0 Kudos
Not applicable
In response to

Created on ‎01-12-2011 11:15 PM

I didn' t get any logs in TMG 2010 server , so How can I log Exchange traffic in Fortigate to ensure it passed to TMG ????
1317
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.