0

I've got a problem with the initial configuration of an Exchange Server 2016. Sending/receiving internal emails works but not to/from the outside. I tested the inbound SMTP mail flow with testconnectivity.microsoft.com which presents the following error message:

"Testing TCP port 25 on host mx0.DOMAIN.TLD to ensure it's listening and open.

The specified port is either blocked, not listening, or not producing the expected response."

According to "netstat -a", a service is listening on port 25 on the mail server. However, this is not the case for the firewall server. Since all the network communication is routed through the firewall server, I guess no SMTP communication is possible between the mail server and outside. Can you confirm the analysis so far? How can I tell a service to listen on port 25 on the firewall, too? The respective firewall port is already opened.

Can this be caused by an Autodiscover issue? When I test the Exchange ActiveSync with testconnectivity.microsoft.com it returns the following four error messages that I am also not able to solve:

"The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://DOMAIN.TLD:443/Autodiscover/Autodiscover.xml for user MAIL@DOMAIN.TLD
The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response.
Additional Details
A Web exception occurred because an HTTP 404 - 404 response was received from Unknown.

[...]"

Furthermore, it returns again similar port problems as described before:

"Testing TCP port 443 on host autodiscover.DOMAIN.TLD to ensure it's listening and open.

The specified port is either blocked, not listening, or not producing the expected response.

Additional Details

A network error occurred while communicating with the remote host."

and

"Testing TCP port 80 on host autodiscover.DOMAIN.TLD to ensure it's listening and open.

The specified port is either blocked, not listening, or not producing the expected response.

Additional Details

A network error occurred while communicating with the remote host."

Besides that, it presents a certificate warning:

Analyzing the certificate chains for compatibility problems with versions of Windows.
The test passed with some warnings encountered. Please expand the additional details.
Additional Details
The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. 
Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.

Thanks a lot for any hint to solve the problem!

2 Answers

0

Have you configured port forwarding to the Exchange server on your firewall server? To receive external mails and have Autodiscover and OWA work, you need to forward incoming traffic to ports 25, 80 and 443 on your firewall server to your Exchange server. For more information, please refer to: Network ports for clients and mail flow in Exchange. The document lists the inbound and outbound ports needed.

To send mails to external recipients, you need to set up a send connector to send to the internet. Here is also a Microsoft document on this topic: Create a Send connector in Exchange Server to send mail to the internet

Kael
  • I noticed that you also updated the same question in Microsoft Q&A. Please follow up on that thread. – Kael Dec 22 '20 at 07:35
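
An added example, not part of the original answer or of Microsoft's tooling: the analyzer's message "blocked, not listening, or not producing the expected response" covers three different causes, and this sketch tells them apart when run from a host outside the firewall. The host names are the thread's placeholders; `probe`, `CHECKS`, `run_checks` and the status labels are names chosen here.

```python
import socket

# Placeholders taken from the thread; replace with the real public names.
CHECKS = [
    ("mx0.DOMAIN.TLD", 25, "220"),           # SMTP must greet with a 220 banner
    ("autodiscover.DOMAIN.TLD", 443, None),  # HTTPS: TCP handshake only
    ("autodiscover.DOMAIN.TLD", 80, None),   # HTTP: TCP handshake only
]

def probe(host, port, expect_banner=None, timeout=5.0):
    """Return (status, banner) for one TCP port as seen from this machine."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.gaierror:
        return "dns-failure", ""   # no public DNS record for the name
    except ConnectionRefusedError:
        return "refused", ""       # reachable, but no listener or forward rule
    except (socket.timeout, TimeoutError):
        return "filtered", ""      # packets dropped, typically a firewall rule
    except OSError as exc:
        return "error", str(exc)
    with sock:
        if expect_banner is None:
            return "open", ""
        try:
            banner = sock.recv(512).decode("ascii", "replace").strip()
        except OSError:            # includes read timeout and connection reset
            return "unexpected-response", ""
    status = "open" if banner.startswith(expect_banner) else "unexpected-response"
    return status, banner

def run_checks(checks=CHECKS, timeout=5.0):
    """Probe every (host, port, banner) entry; map (host, port) to its result."""
    return {(h, p): probe(h, p, b, timeout) for h, p, b in checks}

if __name__ == "__main__":
    for (host, port), (status, banner) in run_checks().items():
        print(f"{host}:{port:<4} {status:<20} {banner}")
```

The check covers TCP reachability and the SMTP greeting only; it does not request the Autodiscover URL, so the HTTP 404 reported in the question is outside its scope.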
0

Thanks for your answer.

The port forwarding is now configured for the respective ports (from the firewall server to the Exchange server). Now, I can see that services are listening on these ports on the firewall server and not only on the Exchange server as before.

When testing the Exchange ActiveSync two errors still occur:

    1. error message: "Attempting to send an Autodiscover POST request to potential Autodiscover URLs. Autodiscover settings weren't obtained when the Autodiscover POST request was sent. Test Steps: The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://DOMAIN.TLD:443/Autodiscover/Autodiscover.xml for user MAIL@DOMAIN.TLD The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response. Additional Details: A Web exception occurred because an HTTP 404 - 404 response was received from Unknown."
    2. error message: "Testing TCP port 443 on host autodiscover.DOMAIN.TLD to ensure it's listening and open. The specified port is either blocked, not listening, or not producing the expected response."