Basic Exchange config issues

Similar Messages

• Exchange 2013 issues - (new send email Stuck in Drafts not send)

  Exchange 2013 issues - (new send email Stuck in Drafts folder not send)

  I am also having this issue.
  server 2012 VM with exchange 2013. plenty of resources, more than recommended so cannot be a BAck Pressure issue especially as no clients are connected yet.
  In the early stages of setup and testing, mail sent to other mailboxes worked fine in outlook 2007 and OWA but after a few issue that developed and are now resolved, any e-mail send within outlook or OWA just goes straight into the drafts folder.
  I tried, DNS setting changes under roles, on the server, on DNS server, MX DNS records, increased resources, looked at received connectors, changed and even deleted send connectors as this is not required for internal mail. Tried changing authentication
  types but then outlook won't connect to, staying with Basic Auth.
  Have not been able to test inbound e-mail as this is going to replace a production server and is not ready, although I could probably simulate a route from another server and push e-mail to it. Will try tomorrow.
  I have spent about 20 hours trying to figure this out and made probably 40 changes. Change, test, rollback etc. Been searching through loads of forums and technet sites all with no help.
  All services are started, server has been rebooted several times.
  It is also an AD server and has both Exchange roles installed. There is no reason why it should not work. This is so frustrating, we don't have these issues with the now end of life Scalix, or MDaemon or Zimbra. Pity the client wanted a Microsoft solution.
  To be honest there are not a lot of things that cannot be changed in ECP although there is more under exchange powershell however I am not familiar with all the commands yet. I have resorted to watching training videos even though I am a seasoned IT Pro, although
  not so much with exchange it seems.
  I have seen many people have this issue on Exchange 2007, 2010 and 2013. Someone must know how to resolve this or find a work around?
  So far I have an expensive solution the client has purchased that I cannot get running properly.
  Aside from this issue, I really like the new Server 2012 and new Hyper-V.
  I was about to install Exchange Server 2013 on a physical machine due to this f#ckin' issue. But a post for the DNS change has saved my life:
  http://social.technet.microsoft.com/Forums/en-US/exchangeserverpreview/thread/04c0147b-f4e3-4041-a566-310854e71068/ (rafael9908's answer)
  And thanks Jesper Bernle for excellent info provided by your link.

• Checklist for Exchange Certificate issues

  Checklist for Exchange Certificate issues
  1. 
  Why certificate is important for Exchange and What are Certificates used for
  Exchange is now using certificates for more than just web, POP3, or IMAP. In addition to
  securing web services, it has also incorporated Transport Layer Security (TLS) for session based authentication and encryption.
  Certificates are used for several things on Exchange Server. Most customers also use certificates
  on more than one Exchange server. In general, the fewer certificates you have, the easier certificate management becomes.
  IIS (OWA, ECP, EWS, EAS, OA, Autodiscover, OAB, UM)
  POP/IMAP
  SMTP
   2. 
  Common symptoms for
  certificate issue
  Here we can see three different types of the certificate warning, mainly from the Outlook
  side.
  a.
  Certificate mismatch issue
  b.
  Certificate trust issue
  c.
  Certificate expiration issue
  3. 
  Checklists
  In this section, checklists will be provided according to the three different scenarios:
  Certificate Mismatch Issue
  [Analysis]:
  This issue mainly occurs because the URL of the web services Outlook tries
  to connect does not match the host name in the certificate.
  [Checklist]:
  Firstly make sure how many host name in your certificate the certificate. Run “Get-ExchangeCertificate | select certificatedomain”.
  Secondly, check the web services URLs which Outlook are trying to connect to. Run “Test Email AutoConfiguration”
  In this scenario, you need to check the host name for the following services:
  Autodiscover
  EWS
  OAB
  ECP
  UM
  If any of the urls above does not match the one in the certificate, refer to the following article to change
  it via EMS:
  http://support.microsoft.com/kb/940726
   1.
  Do not forget to restart the IIS service after applying the changes above.
   2. Make sure a valid certificate is enabled on the IIS service.
  Certificate Trust Issue
  [Analysis]:
  For the self-signed and PKI-based (Enterprise)
  certificates, they are not automatically trusted by the client computer or mobile device, you must make sure that you import the certificate into the trusted root certificate store on client computers and devices. On the other hand, Third-party or commercial
  certificates do not have this problem. Most commercial CA certificates are already trusted because the certificate already resides in the trusted root certificate store. Because the issuer is trusted, the certificate is also trusted. Using third-party certificates
  greatly simplifies deployment.
  [Checklist]:
  If it’s an Enterprise CA certificate, manually install the root certificate to the “Trusted Root Certification Authorities” folder:
  If it is a 3^rd-party certificate, first remove and reinstall the certificate. Check whether the Windows Certificate Store on the local
  client is corrupted. If it still does not work, please contact the third-party CA support to verify the certificate.
  Certificate Expiration Issue
  [Checklist]:
  When a certificate is about to expired, we just need to renew it by referring the following article:
  Renew an Exchange Certificate
  http://technet.microsoft.com/en-us/library/ee332322(v=exchg.141).aspx
  To avoid any conflictions, it’s recommended to remove the expired certificate from the certificate store.
  [How to set a reminder to alert the administrator when a certificate is about to expired]:
  It’s easy to fix the certificate expire issue. But it should be more important to set a reminder before the
  certificate expiration. Or there can be a large user impacts.
  Generally, the Event ID “^(24|25)$” will appear in Application log when a certificate is about to expire.
  If it’s not quite visible, we can refer to the following solution:
  http://blogs.technet.com/b/nexthop/archive/2011/11/18/certificate-expiration-alerting.aspx
  OWA certificate revoked issue
  [Analysis]:
  IE
  includes support for server certificate revocation which verifies that an issuing
  CA has not revoked a server certificate. This feature checks for CryptoAPI revocation when certificate extensions
  are present. If the URL for the revocation information is unresponsive, IE cancels the connection.
  [Solution or workaround]:
  1. Contact CA provider and check whether the questioned certificate is in the Revoked List.
  2. If not, check whether the certificate has a private key.
  3. Remove the old certificate and import the new one.
  Workaround:
  IE Internet Options -> Advanced tab -> Clear the "Check for server certificate revocation"
  checkbox.
  4. 
  More References
  Digital Certificates and SSL
  http://technet.microsoft.com/en-us/library/dd351044(v=exchg.150).aspx
  More on Exchange 2007 and certificates - with real world scenario
  http://blogs.technet.com/b/exchange/archive/2007/07/02/3403301.aspx

  (Reported previous post with link to SIS package to moderator)
  This is not the correct SIS package for the N73. The package shown is for S60 3.2 devices, but the N73 is not S60 3.2, I believe it is S60 3.0.
  Most features may work with this SIS, but if you experience strange problems, try using the S60 3.0 version.
  But there are no significant difference between 2.5.3 and 2.5.5 with regard to attachments. The only changes were with localization (languages).
  At this point, try 2.7.0 which is out now:
  http://businesssoftware.nokia.com/mail_for_exchange_downloads.php
  Make sure to pick the right phone on the drop down list. It does matter! There are 4 different packages. This list makes sure you get the right one.
  I have seen some issues with attachments not completing that seem to be carrier dependent. You can test this my using Wifi (if possible).
  Message Edited by m4e_team_k on 28-Sep-2008 12:25 AM

• Exchange 2013 Issue: Outlook 2010 auto populating the From Tab when forwarding email

  Exchange 2013 Issue: Outlook 2010 auto populating the From Tab when forwarding email        
  I am running Exchange 2013 and I have an end user who connects to it via Outlook 2010. All was going well till he went to forward an email and he noticed that the From button appeared and auto populated the sender's email address.
  I have clicked the Empty Auto Complete List in Outlook's Send messages... still displayed the From tab when forwarding.
  I recreated the profile in outlook... same thing.
  I created the profile with outlook 2013... same thing.
  There is only one user profile setup in Outlook.
  (I know the from tab usually appears when you have multiple profiles setup in Outlook and/or when you configure the "From" tab.)
  I opened the end user's email in Exch 2013's OWA... what was different here was when I clicked on the email and it opened, it did NOT have the Reply or Forward option... and it displayed as a "Draft" email.
  Does anyone have any ideas?

  So are you saying that the from button is filling the option with the original senders address (eg the person who sent the message to your user), or that it's filling in the your users address (in which case I don't understand what the issue is, since
  it IS going from your user)?

• Exchange Rate Issue ( Ditect & Indirect Quotation )

  Dear,
  Alll Experts.
  I am stuck up at one level , that is Exchange Rate issue.
  User is creating shopping cart in SRM, Local Currency is USD and the goods is ordering from Canada ( CAD ).
  While doing this amount is getting calculated   in - ( Negative ), And it is going to wrong approval for shopping cart approval.
  When I see the TCURR table I am seeing there as negative sign in exchange rate because it is maintained in Indirect Quotation.
  I want to calculate the same amount in postive figure.
  How this can be achieve? If I maintain the same in direct quotation it will calculate positive but final amount will be bigger which is not proper one.
  Experts guidance will be helpful.
  Regards,
  Sharvari Joshi.

  Hi,
  I gave the OB08 entries, not sure if you wanted me to explain the logic. Here it is..
  Maintain 'Indirect quotation' from Local currency(USD) to Transaction currency(CAD) and 'Direct quotation' from Transaction currency(CAD) to Local currency(USD).
  Direct quotation is where the cost of one unit of foreign currency is given in units of local currency, whereas indirect quotation is where the cost of one unit of local currency is given in units of foreign currency.
  Your local currency is USD:
  - Direct exchange rate: 1CAD = 0.92819 USD
  - Indirect exchange rate: 1USD = 1.08238 CAD
  The following settings have been made in the standard system:
    - Direct quotation: ' '
  -   Indirect quotation: ' / '
  Direct exchange rates do not have a prefix.
  Your local currency is USD. You enter a business transaction in the transaction currency CAD. Until now, you had to use direct quotation to enter the exchange rate (1CAD =0.92819 USD). If you have defined '/' as the prefix for indirect quotation, you can also enter the exchange rate with indirect quotation (1 USD = 1.08238 CAD) by entering '/1.08238' in the exchange rate field.
  Direct or indirect quotation can be maintained as the standard form of quotation for a certain currency pair. You use:
           - '1' for direct quotation
           - '2' for indirect quotation
  If a standard form of quotation has not been specified for a currency pair, the system automatically uses direct quotation.
  You make the settings in the IMG: General Settings -- Currencies -- Set Standard for Direct/Indirect Quotation per Currency Pair.
  Thanks
  Ganesh

• Outlook with Exchange connection issues

  I am implementing a security policy which includes blocking all outbound traffic on the firewall of our network (Except normal 80, 443 etc). It seems
  that if I apply this, some users aren't able to connect to exchange. This appears to be related to Outlook Anywhere. What ports would I need to allow to prevent this connection issue?

  Hi
  As per the information and details provided by you, to solve the Outlook with Exchange connection issues, Please follow these steps: -
  Microsoft introduced
  RPC over HHTP as a better way for Outlook client to connect to Exchange. The MAPI connections still use RPCs, but they encapsulate those with an HTTP connection. Since that HTTP connection is secured using SSL, it is may be
  more accurate to call it RPC over HTTPS. These connections only require connectivity
  over TCP port 443, which as you know is assigned to HTTPS and is normally open by
  firewall admin for web servers.
  Outlook Anywhere wraps
  Remote Procedure Calls inside an HTTP layer to allow connectivity with the Exchange server. This simplifies the firewall administration process requiring only
  the SSL port 443 to be opened to the CAS (Client Access Server) instead of several ports to the actual Mailbox Server (MBX).
  I hope this information will be helpful for you.
  Thanks and regards
  Shweta@G 

• I can sync bookmarks on my Firfox for android, but folders aren't sync, i can only get bookmarks from bookmarks main folder. Is a bug or a config issue?

  I can sync bookmarks in firefox for android, but only the ones that are on Bookmarks main folder, the folders create below the main folder are not synchronized. Is this a bug or a config issue?
  Thanks

  Thanks Barney, I tried that but all that comes up in Spotlight are the log files that show the file paths! I don't know how Steam works. Are all the files held by Steam on their server perhaps?

• The recent software update on my HTC One has caused errors with Exchange ActiveSync issues. Calendar, mail and tasks sync fine but contacts won't sync. How do you correct this?

  The recent software update on my HTC One has caused errors with Exchange ActiveSync issues. Calendar, mail and tasks sync fine but contacts won't sync. How do you correct this?

  I had the same problem.  Here is what worked for me.  Open the mail app and delete your exchange account (Settings > Delete Account).  Then re-add your Exchange account.  After this my Exchange contacts showed up again. 

• Safari 5.1 HTML5 HTTP basic access authentication issue video does not load

  I have a .m4v video referenced in a page with the HTML5 video tag in a folder which is in a password protected folder housed on iPage.
  Safari 5.0.5 plays the video fine.  Safari 5.1 fails to load/play the video in the protected folder.  If I move the video to a not protected folder, Safari 5.1 plays it fine.
  This is on iPage.  Back on MobileMe all is fine with 5.1.
  I think this is a HTTP basic access authentication issue with 5.1.
  Anyone have similar issue? Work around?

  Yes, I can also confirm this behaviour. This is in Safari 5.1.1, but I also see the exact same thing in WebKit nightlies.

• Exchange 2010 - Issues after rollup update installation.

  Exchange 2010 - Issues after rollup update installation.
  We are having issues since we installed SP3 Rollup updates 1, 2, 3, and 4.
  Issue1 - People get an error messages constantly popping up when they access our webmail. The error messages are:
  An unexpected error occurred and your request couldn't be handled. and
  Your network connection is unavailable. Please reconnect and try again.
  Issue2 - When I open the Exchange Management Shell I get the following error:
  Failed to connect to an Exchange server in the current site. Enter the server FQDN where you want to connect.
  Issue3 - We have been using third party software to filter spam email. It is installed on our Exchange server. Since the updates it has not been working and we have tons of spam coming through. I dont think that this issue is that important at the moment and
  hope that it will be fixed after resolving issues 1 and 2.
  We uninstalled all four rollup updates in hopes that everything would go back to normal but it hasnt. We still have the same issues.
  Currently we are running Exchange 2010 SP3 on 2008R2 SP1.
  Please help.
  Thanks.
  Greg

  Hi,
  Based on the description, you got the error below when you tried to accessed OWA after rollup update installation.
  "An unexpected error occurred and your request couldn't be handled, and Your network connection is unavailable. Please reconnect and try again."
  For this issue, I recommend you check the OWA virtual directory to see if "Redirect requests to this destination" is checked. If it is checked, please uncheck the option. Then please restart IIS service to check the result.
  Open IIS Manager -> owa -> HTTP Redirect -> uncheck "Redirect requests to this destination:"
  Best regards,
  Belinda
  Belinda Ma
  TechNet Community Support

• 851 Router Config Issue

  Hi all,
  Hopefully this will be a nice easy one for you all.
  I have recently configured and installed an 851 router successfully :) I now only have one issue, the damn thing switches itself off after a period of inactivity!
  If I want to use it again I have to issue a reset command then a boot command.
  This takes me to the:
  router>
  prompt. I then have to issue a copy start run command. And then a no shut on each of my interfaces.
  Obviously I would just like the router to stay up and running. But I cant work out how to do it. Im sure that this is just a simple config issue and I would dearly love for you all to solve it!
  If any of you know the answer can you please provide clear an accurate commands as I will copy it parrott fashion into the router.
  Thank you all in advance.
  Stuart

  Hello,
  as spremkumar already pointed out the config register usually is set to 0x2102. You can reconfigure the register by:
  Router#configute terminal
  Router(config)#config-register 0x2102
  Router(config)#end
  Then perform a reload and check whether the config is present after the router finished booting.
  Hope this helps! Please rate all posts.
  Regards, Martin

• Basic internet config for t1 incoming wan

  what would be a basic internet config on a t1 wic w/ a public ip and two fast ethernet ports? 1841 router. i'm trying to write up a checklist of everthing the config should accommodate so i don't leave anything out.

  hello johnny,
  sample config of a T1 is as below:
  Interface serial 0/0
  service-module t1 clock source internal
  service-module t1 timeslots 1-24 speed 64
  service-module t1 framing esf
  service-module t1 linecode b8zs
  ip address 10.1.1.1 255.255.255.0
  encapsulation ppp
  fair-que
  no shut
  make sure the framing and linecode are configured right. check this with the ISP... if your LAN is on a private range, you also might need to do a NAT/PAT over the T1 interface.. for NAT examples refer to the CCO. you also need a default route to the outside towards the t1 interface...
  Hope this helps.. all the best. rate replies if found useful..
  Raj

• Exchange sync issues

  I'm having an issue where my Exchange email seems to stop working on a random basis.  I have to delete my account and then re-add it in order to start receiving emails again.  My gmail and google apps accounts sync just fine.  I've checked with our IT department, and other users aren't having the same issue.  My phone worked fine up until about a week ago.  I deleted the certificate and re-installed it, just to be certain.  Any thoughts?  Any known issues I should be aware of?  Anyone else experiencing this problem?
  Thanks

  I'll have to check with the IT department.  Unless they have upgraded recently, we are using exchange 2003 SP1.  I'll also ask about the test account.
  As far as I know, and as far as IT knows, I'm the only one using WebOS.  The IT department only "supports" Blackberries & iPhones.  I prefer the Pre, and as long as the exchange sync works, I'll stick with it.
  I have had the issue happen again several more times.  It isn't an "8 am" exactly issue.  The other morning I received emails up until 9 or so, then stopped.
  I have tried just re-entering my password and that didn't seem to work.  Maybe I need to give it a little more time.  Maybe I should change my network password and see if that makes any difference.  Perhpas that is where the sync "disconnects".  Since exchange email works for iPhone users, I have to think it is a WebOS specific issue, versus an exchange issue, or perhaps I should say a WebOS - Exchange connection issue, as opposed to an "exchange" issue.
  I only asked about the logs because I was involved with a previous exchange sync issue and worked with the support techs several times, and they have asked for several logs.

• 871 Config issues

  Ok I dont know if its just staring at me ridiculing me but I am feeling like an idiot here... I have an 871 and all I need to do is some basic rules..
  Here is the config I am  having the issue with...
  I need these statics:
  .227 opened and forwarded to these  ports:
  10.0.0.240 80 tcp
  10.0.0.241 81 tcp
  10.0.0.242 82 tcp
  10.0.0.243 83 tcp
  10.0.0.244 84 tcp
  10.0.0.9 3389 tcp
  then .228 forwarded and allports opened to 10.0.0.15
  Right now its working for the .228 but  the .227 is blocking everything.. If I remove the lines for the 10.0.0.15  *.*.*.228 then everything works for the .227 statics and  ports..
  What is wrong here???
  s run
  Building configuration...
  Current configuration : 4747 bytes
  version 12.4
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  service sequence-numbers
  hostname ******
  boot-start-marker
  boot-end-marker
  logging buffered 51200 warnings
  no aaa new-model
  resource policy
  clock timezone MST -7
  ip cef
  ip name-server *.*.*.65
  ip name-server *.*.*.65
  ip inspect log drop-pkt
  ip inspect name SDM_LOW cuseeme
  ip inspect name SDM_LOW dns
  ip inspect name SDM_LOW ftp
  ip inspect name SDM_LOW h323
  ip inspect name SDM_LOW https
  ip inspect name SDM_LOW icmp
  ip inspect name SDM_LOW imap
  ip inspect name SDM_LOW pop3
  ip inspect name SDM_LOW netshow
  ip inspect name SDM_LOW rcmd
  ip inspect name SDM_LOW realaudio
  ip inspect name SDM_LOW rtsp
  ip inspect name SDM_LOW esmtp
  ip inspect name SDM_LOW sqlnet
  ip inspect name SDM_LOW streamworks
  ip inspect name SDM_LOW tftp
  ip inspect name SDM_LOW tcp router-traffic
  ip inspect name SDM_LOW udp router-traffic
  ip inspect name SDM_LOW vdolive
  crypto pki trustpoint TP-self-signed-974215006
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-974215006
  revocation-check none
  rsakeypair TP-self-signed-974215006
  crypto pki certificate chain TP-self-signed-974215006
  certificate self-signed 01
    30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 39373432 31353030 36301E17 0D313330 31303231 35333430
    315A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
    532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3937 34323135
    30303630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
    CE70D924 A69C5408 AF2DC7DF CD6C4FB4 6FF8B3A7 04380A8B AC07B63F DF47B76C
    9269256B 2D166D76 DFEEB4A1 A7F3CD14 87018C5E 00957EE5 233F76EE 8D0EB13E
    D33FE972 77661DF2 B2BBC711 E09CF82F 7FC907DF 5591C326 CF80D599 09017B23
    AB6F3589 A983AC80 2C92D62D E15FF75B 14241C9B 394BED17 69F2BE7F 69BB21EF
    02030100 01A36C30 6A300F06 03551D13 0101FF04 05300301 01FF3017 0603551D
    11041030 0E820C52 69766965 72615F6D 65736130 1F060355 1D230418 30168014
    8F9D3891 FB866320 C9C2FA5B 7AEE8A53 91F495DD 301D0603 551D0E04 1604148F
    9D3891FB 866320C9 C2FA5B7A EE8A5391 F495DD30 0D06092A 864886F7 0D010104
    05000381 81005F45 DD5BBAE3 960E8930 1C88ACEC 4D190FEC C8C6FA71 48FB8CB8
    969BD344 1FC0E8C6 98C4ED1D B559A772 1A3ED3D9 1C75D143 BE642414 B049118C
    858422D5 E84617E9 018B1B66 341E928D EAE0E568 923424C4 BF31DFFF E7E5A490
    B24D2DBC CE5DC6FF 306EC1C2 BD4DDC04 4AE70B0B 5CFE9426 21B5F83E CA6D28E0
    3B93DCA9 015E
    quit
  username****** privilege 15 secret 5 34yweth2453723475
  interface FastEthernet0
  interface FastEthernet1
  interface FastEthernet2
  interface FastEthernet3
  interface FastEthernet4
  description $FW_OUTSIDE$
  ip address *.*.*.226 255.255.255.248
  ip access-group 101 in
  ip verify unicast reverse-path
  ip nat outside
  ip inspect SDM_LOW out
  ip virtual-reassembly
  duplex auto
  speed auto
  interface Vlan1
  description $FW_INSIDE$
  ip address 10.0.0.1 255.255.255.0
  ip access-group 100 in
  ip nat inside
  ip virtual-reassembly
  ip route 0.0.0.0 0.0.0.0 *.*.*.225
  ip http server
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 600 life 86400 requests 10000
  ip nat pool outside_ip_pool *.*.*.227 *.*.*.230 netmask 255.255.255.24                8
  ip nat inside source list 1 interface FastEthernet4 overload
  ip nat inside source static tcp 10.0.0.240 80 *.*.*.227 80 extendable
  ip nat inside source static tcp 10.0.0.241 81 *.*.*.227 81 extendable
  ip nat inside source static tcp 10.0.0.242 82 *.*.*.227 82 extendable
  ip nat inside source static tcp 10.0.0.243 83 *.*.*.227 83 extendable
  ip nat inside source static tcp 10.0.0.244 84 *.*.*.227 84 extendable
  ip nat inside source static tcp 10.0.0.9 3389 *.*.*.227 3389 extendable
  ip nat inside source static 10.0.0.15 *.*.*.228
  access-list 1 remark SDM_ACL Category=2
  access-list 1 permit 10.0.0.0 0.0.0.255
  access-list 100 remark auto generated by SDM firewall configuration##NO_ACES_4##
  access-list 100 remark SDM_ACL Category=1
  access-list 100 deny   ip *.*.*.224 0.0.0.7 any
  access-list 100 deny   ip host 255.255.255.255 any
  access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 100 permit ip any any
  access-list 101 permit ip any host *.*.*.228
  control-plane
  line con 0
  no modem enable
  line aux 0
  line vty 0 4
  privilege level 15
  login local
  transport input telnet ssh
  scheduler max-task-time 5000
  webvpn context Default_context
  ssl authenticate verify all
  no inservice
  end

  Hi,
  I'm not really familiar with the Router Firewalls but I'd just point out what caught my eye (even though there might not be anything wrong about them)
  You have ACL 101 attached to outside interface and it only allow traffic to .228
  You have some outside_ip_pool configuration line that includes the IPs you're going to use for both Static NAT and Port Forward. Shouldnt you leave the .227 and .228 out of the Pool range?
  - Jouni

• CSM Bridged mode config issue

  I currently have a CSM that is load balancing two web servers.  Everything working great.  I have two new web servers that are being used for a different system so I basically copied the old config, changed the names of the vservers, serverfarms and policies and expected the same result as the first.
  What is happening is that when I ping the VIP, it gets redirected to one of the reals but then the real responds back instead of the VIP.
  Not sure why that is happening.

  Sean,
  When you said "Typically, the rservers would use the same gateway you have configured on the client VLAN.  The important thing to make sure of, is that you must make sure that the ONLY for these rservers to reach their gateway is through the CSM that is bridging the servers' VLAN to that client VLAN."
  Now I assume you meant to say "Typically, the rservers would use the same gateway you have configured on the client VLAN.  The important thing to make sure of, is that you must make sure that the ONLY way for these rservers to reach their gateway is through the CSM that is bridging the servers' VLAN to that client VLAN.
  Well, I have a working bridging configuration for a different system and I have found that the real servers in my server vlan do have the client vlan IP address... But the server vlan is in fact a layer 2 vlan, it does not have it's own gateway so it has no other way out other than through the CSM and to the client vlan gateway, just as you said.
  What I have found is that the server vlan for my new set up actually has its own gateway.  Because of other servers in this vlan I cannot do away with it.  So, I looked at an ealier post where you stated" If the adding source-NAT resolves the issue, then you know that asymmetric routing was your problem.  One solution would be to leave the source-NAT config in permanently.  The other would be to set the default gateway of your new servers to the CSM interface, and another would be to use policy-based routing."
  The two solutions I am interested in is the client nat and the setting of the default gateway of the new servers to the CSM interface.  Exaclty what interface are you referring?  Are you referring to the IP address that bridges the client and server vlan together?
  Regarding your client nat example, you mentioned that the client nat address is owned by the CSM, but in your example config I did not see that IP address at all so I am a little confused as to how the csm owns this IP.
  I really appreciate your responses!