Messaging Gateway

Hi all,

 

I deployed an Exchange Server 2007 Edge(DMZ) and an Exchange Server 2007 Hub(Local) Server in our organization. Servers are ready and all needed port configurations are done on SGS. Exchange subscription is working, tests are successful. But somehow, I  guess SGS strips some of the SMTP verbs and that cause a connection error, mail stuck in Hub's queue. If I move the Edge Server to local network and change the IP, mail flow works.

Hub server queue error message is:
" 451 4.4.0 Primary target IP address responded with: "451 5.7.3 Cannot achieve Exchange Server authentication." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts "

I am aware of all connector authentication and permission settings and all other stuff must be done for edge sync. Meybe there is an Advanced Optionon SGS?

 

Product Name: Symantec Gateway Security 5000 Series (v3.0.1)
Application Model: 5440
Build Number: 35277


Thank you for taking time..

Volkhan,

I have implemented this configuration with an SGS, but I needed to make the following modifications:

1.    Create a GSP protocol for port 25 traffic.
2.    Replace the SMTP protocol with the GSP in all relevant service groups.
3.    Disable the SMTP proxy.
4.    Add a TCP-GSP protocol for port 50636 for hub-edge synchronization and create a rule to allow Hub > Edge.

Aside from that I just needed to make sure that Exchange was configured correctly, specifically the Exchange Hub – Edge Synchronization, and to ensure that the “set-TransportServer” setting is correctly set in the Exchange shell on the Hub server. Also I configured DNS on the SGS so that all the mail servers MX records were fully resolvable in DNS from both LAN and DMZ.