Hi everybody,
Yesterday I configured a new DC and Exchange on Hyper-V (Server 2012 and Exchange 2013).
All functions and roles are configured and installed, but I am having issues receiving external e-mails.
Almost all of the external mails are being delivered half an hour to an hour after being sent.
To start off on the first level.
I got a Siemens Fiber modem with an external address connected to the WAN of my Draytek 2995 router.
All the needed ports are forwarded to the Draytek (80,443,25,1723).
The Draytek DHCP function is set to off.
192.168.168.2 (DC) -> 80 (HTTP IIS)
192.168.168.2 (DC) -> 1723 (RRAS)
192.168.168.3 (Exchange) -> 25 (SMTP)
192.168.168.3 (Exchange) -> 443 (SSL)
My Draytek router is connected through LAN1 to a HP switch (unmanaged).
The physical server has 3 NICs, all of these are connected to the HP switch.
I disabled Hyper-V Queuing on the NICs because this causes an issue with slow network connections.
The network has been configured as follows.
I configured the Server 2012 R2 on the hardware (physical server) with only the Hyper-V role.
NIC1 is set up for the physical server:
IP Address: 192.168.168.1
Subnet: 255.255.255.0
Gateway: 192.168.168.254 (Draytek address)
DNS: 192.168.168.254 (Draytek address)
The Server software firewall has been set to a private network through the local security policy.
I have set up 2 VMs through the Hyper-V role.
The first VM is the Server 2012 R2 Domain controller.
For this VM I created a virtual switch connected to my second NIC(2).
I unchecked the box where my host can communicate with the NIC(2).
The DC has been configured as follows:
Hostname: SERVER
IP Address: 192.168.168.2
Subnet: 255.255.255.0
Gateway: 192.168.168.254
DNS: 127.0.0.1
I can ping all the addresses from this server (internal and external).
The server has been promoted to domain controller with the following roles:
Active Directory, Certificate Authority, DHCP, DNS, RRAS, RDP.
All these roles have been set and are working (all have been tested).
DHCP has all options configured (scope, router-192.168.168.254, dns-192.168.168.2)
The DNS simple and recursive tests work fine.
I did no configuration on the DNS after the DC PROMO.
So I created users in the AD.
After that I created a second VM, this one is used for the Exchange.
I set up a second virtual switch connected to NIC3 and installed Server 2012 R2 with the following config.
Hostname: SERVER
IP Address: 192.168.168.3
Subnet: 255.255.255.0
Gateway: 192.168.168.254
DNS: 192.168.168.2 (pointing to the DC)
I joined this server to the domain, everything is working fine.
Both servers have internet and network.
Running portscans on 1723 and 80 all work like a charm.
Now it's time to install Exchange.
I ran all the prerequisites and PowerShell commands (IAcceptLicense, etc.).
Installed the needed API and filters.
Installed Frameworks 3.5 on both servers.
And the Exchange installation was successful.
CU3 is also installed.
I configured the send connector, accepted domains etc.
Created all needed certificates (self signed)
Did a portscan on 433 and 25 and they work.
All the hosting records are set mail.domain.nl etc. and MX records.
I created inboxes for the users and was able to connect them to the users in the Active Directory on the DC without any problems.
Connecting through the internet to OWA works perfectly and I can log in with users.
Sending e-mail internally works perfectly, the messages are being delivered in an instant.
Sending e-mail externally also works perfectly, I receive mails in a few seconds on a personal email address.
But when I reply or send e-mail to my new Exchange it can take up to hours to receive the mails!
I did online SMTP checks and e-mail checks, they all come out like they should.
One message from MX TOOLBOX on the SMTP:
SMTP Transaction Time | 8.408 seconds - Not good! on Transaction Time |
I have no other receive connectors set up, just the standard connectors.
So I got into the Exchange ECP and under "server" I set up the DNS to listen to 192.168.168.2 (DC).
I've read that when this is set to all IP addresses it can cause mail delay, but no luck.
I ran the best practices analyzer and get about 23 errors and 20 warnings.
A lot of services are unhealthy, like the "ExchangeTransport".
I have no idea what is causing the issues and have read almost every forum.
Does anyone have a clue what is going on?
Did I miss something, is there a misconfiguration?
Best regards,
Tim