We have recently migrated from Exchange 2003 to Exchange 2007. The Exchange 2003 servers are still up and the IronPorts deliver to those servers for the Exchange organization. I would like to use the Default Receive connector on the Exchange 2007 Hub Transport server. Having read the Exchange and IronPort documentation, it would appear that I could use TLS and Basic Authentication to establish delivery of internet mail from the IronPort to the Hub Transport server. I used the IronPort GUI to add an Outgoing SMTP Authentication profile. I then chose the newly created profile in the SMTP route configuration. I also used the CLI to require TLS for the inbound domain using destconfig. After each attempt, I am still unable to authenticate and establish a connection. I have tried each of the following configurations for the Authentication Username in the IronPort Authentication profile: username domain/username firstname.lastname@example.org Also, I am testing this configuration from our test IronPort. I created a self-signed cert for testing to replace the default cert. There are full certs on teh Exchange servers. We are currently on AsynchOS 6.0, but plan to upgrade to 6.4.
I have been able to successfully deliver to the Hub Transport server when I create a new Receive Connector and allow for anonymous connection from a specified IP address. My preference would be to use the default with TLS and Auth.
Has anyone configured the Ironport to deliver directly to Hub Transport using the Default Receive connector? Any assistance would be greatly appreciated.
I have SMTP Auth LDAP configured and that works properly. What I am referring to is when the IronPort appliance makes an outgoing SMTP connection to the E2K7 Hub Transport server for inbound delivery of Internet email. (Profile Type Outgoing, Not LDAP) During that transaction the authentication will occur at the Exchange server. I am looking at the Exchange side, but what I was looking for was if anyone had successfully made a TLS and Basic Authentication connection from the IronPort for internal delivery either by using the Default Receive Connector or by creating a new Receive Connector on the Hub Transport server. I was hoping to expedite my troubleshooting by validating the proper configuration of the IronPort. If anyone has any info on the Exchange side, that would be great as well.
yes ditto that - a few prior support cases seemed to indicate that all of exchange's available auth methods did not line up with the methods the ESA can offer up.
i thought that feature was for exchange servers and other AD-based windows machines to connect to an exchange hub...? if you want to add LDAP to the outbound auth methods, perhaps sync up with your account team for a feature request?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...