02-22-2010 04:44 AM
I am facing some abnormalities with my Exchange server. Following is my topology diagram:
Both of these sites are part of a similar AD domain with sites configured with ADC. I cannot send email from Mail1 to Mail2 and vice versa. The messages are stuck in the mail server's queue and the error message shown is:
451 5.7.3 Cannot achieve exchange server authentication
I have tried configuring the permit all policy while ignoring the ALGs but that didn't result in anything good. There is no encryption between these sites and I can telnet from Mail2 to Mail1 on all Exchange related ports.
Hope to hear some expert suggestions.
02-22-2010 05:48 PM
I'm assuming this is a new setup and not a working situation that was migrated. It sounds like the TLS setup is not correct. In Exchange 2007 the communication between servers is all encrypted now. So even though your clear connections to open SMTP work, the TLS connectors on the Exchange transport need to be configured.
See this section of the troubleshooting guide at TechNet.
Senior IP Engineer - DQE Communications Pittsburgh, PA
JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC JNCSP-SEC
JNCDA JNCDS-DC JNCDS-SEC
ACE PanOS 6
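
An added example, not part of either post: a small Python check for an EHLO reply captured with telnet on port 25 between the two mail servers, reporting which server-to-server authentication extensions are absent. It assumes the extension names Exchange 2007 normally advertises (STARTTLS, X-ANONYMOUSTLS, X-EXPS GSSAPI), which the thread does not list; the hostnames and both sample replies are constructed.

```python
import re

# Extensions an Exchange 2007 transport server normally offers to another
# Exchange server (assumed standard behaviour, not taken from the thread).
REQUIRED = ("STARTTLS", "X-ANONYMOUSTLS", "X-EXPS")

# Constructed sample: reply seen when talking to the server directly.
DIRECT = """250-mail1.example.test Hello [192.0.2.10]
250-SIZE 10485760
250-PIPELINING
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250 XRDST"""

# Constructed sample: same server, with a device in the path rewriting ESMTP.
FILTERED = """250-mail1.example.test Hello [192.0.2.10]
250-SIZE 10485760
250-PIPELINING
250-XXXXXXXA
250-XXXXXXXB
250 8BITMIME"""

def parse_ehlo(reply):
    """Map each advertised ESMTP keyword to its list of parameters."""
    ext = {}
    lines = [l.strip() for l in reply.splitlines() if l.strip()]
    for line in lines[1:]:                  # first line is the greeting
        m = re.match(r"250[- ](\S+)\s*(.*)", line)
        if m:
            ext[m.group(1).upper()] = m.group(2).upper().split()
    return ext

def missing_for_exchange_auth(reply):
    """Return the extensions Exchange-to-Exchange authentication would lack."""
    ext = parse_ehlo(reply)
    missing = [k for k in REQUIRED if k not in ext]
    if "X-EXPS" in ext and "GSSAPI" not in ext["X-EXPS"]:
        missing.append("X-EXPS GSSAPI")
    return missing

if __name__ == "__main__":
    for name, reply in (("direct", DIRECT), ("filtered", FILTERED)):
        print(name, "missing:", missing_for_exchange_auth(reply) or "none")
```

If the list is non-empty only when the reply is captured across the site link, the extensions are being removed in transit rather than left unconfigured on the receiving server.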