question

AurimasValantinaviius-0638 avatar image
0 Votes"
AurimasValantinaviius-0638 asked KaelYao-MSFT commented

TLS issue on Edge transport server

Hi,

We migrate from Exch2013 to Exch2019. We setup all servers and subscription and etc. I can't get to work TLS from outside when get connections from external servers. See more attached:
94802-image.png


94804-image.png


For internal server communication between mailbox and edge servers we use self-signed certificate. I tried adding 3rd party certificate names to receive connectors and re-subscribing edge transport servers with no luck.

office-exchange-server-connectivity
image.png (204.7 KiB)
image.png (177.8 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @AurimasValantinaviius-0638

Sorry I need to ask the following questions:
1.Do you have some firewall devices in the environment?
2.Did it work fine before you migrate to Exchange 2019?
3.You mentioned "tried adding 3rd party certificate names to receive connectors", do you have a valid 3rd party certificate installed and applied to the SMTP service?

0 Votes 0 ·

No appologies, I have had to mention thoose before.

  1. Yes, but we only register what we need to be done, we do not control it, there is different team.

  2. Yes, still there is two legacy edge servers working fine.

  3. Yes we have. it is insatalled on mailbox servers and IIS and SMTP assigned to it. Edge Subscription is done with self-signed certificate.


0 Votes 0 ·

1 Answer

AurimasValantinaviius-0638 avatar image
1 Vote"
AurimasValantinaviius-0638 answered KaelYao-MSFT commented

We find a solution. It was firewall advanced inspection which blocked connections despite fact it was legit common behavior of exchange.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Glad to hear the issue has been resolved!
Thanks for your sharing.

0 Votes 0 ·