Edge Transport Questions

Existing Exchange 2013 SP1 install with 1 DAG and 2 members. We are thinking about deploying an edge server but have some questions as to the current setup and benefits of edge in current setup. Our current setup:
2 servers with all roles
1 DAG
McAfee Security for Microsoft Exchange (AV/spam product)
Our Sonicwall does NAT load balancing between the 2 servers. So with an edge transport server, would that negate the existing load balancing?
Our active copy server has a reverse pointer with our ISP. With an edge transport server, we would have to let our ISP know of the new edge server, so it will resolve to the edge server?
Our current servers have McAfee product installed for AV/spam etc. How much does this negate the need for an edge transport server? If we do go with edge transport server, we will need to uninstall McAfee on the current servers and install on the edge server?

Hi forgiven,
Thank you for your question.
1.Our Sonicwall does NAT load balancing between the 2 servers. So with an edge transport server, would that negate the existing load balancing?
A:Exchange Edge could negate the existing load balancing.
2.Our current servers have McAfee product installed for AV/spam etc. How much does this negate the need for an edge transport server? If we do go with edge transport server, we will need to uninstall McAfee on the current
servers and install on the edge server?
A: we suggest A/V install on Edge server when Exchange edge deploy, then we could disable A/V on internal Exchange server.
3.How are logs handled on the edge server? Will we have to search multiple servers for logs are can we consolidate the logs?
A: we could backup it.
If there are any questions regarding this issue, please be free to let me know.
Best Regard,
Jim

Similar Messages

  • Edge Transport Attachment stripping based upon an emails Subject line.

    I am running Exchange 2010 on-prem with a 2013 Hybrid (including a 2013 Edge Transport server for message handling between on-prem and the o365 tenant) connecting to an o365 tenant. I use EMC's SourceOne for archiving running on-prem. The o365
    tenant points to a mailbox on my on-prem Journaling server.
    What I am seeing is that when o365 forwards emails as attachments from the cloud back to the on-prem Journaling server it is examining the subject line of the message and making a decision to strip the attachment based upon the very end of the subject line.
    Example: A simple text message with a subject line of: "Check out the new web site at www.xyz.com"
    The Edge transport server is seeing this as being a ".com" attachment and stripping it off before it gets to the Journaling server. So it does not appear to be looking inside the message to see what it actually is and figure out that it is not
    a ".com" file but a simple text message.
    I have seen this with other file extension types as well. Such as ".exe" . It is also stripping off ".zip" attachments as well, but I understand that and not sure how to deal with it.
    Has anyone else experienced this and how have you dealt with it? Microsoft wants me to take the Edge out of play and go directly to from the cloud to an on-prem Exchange server. But that is not an option as the on-prem servers are not exposed to the internet.
    Thanks, Bob
     

    Hi BobSwe,
    Thank you for your response.
    If you have resolved this question, please mark useful replies as answer.
    Thanks,
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
    Allen Wang
    TechNet Community Support

  • Exchange Server 2013 Edge Transport Role

    Dear,
             I have a question regarding Exchange Server 2013 SP1 that, I have installed Edge Transport Server Role on separate box without Domain Joined. Obviously I installed Exchange CAS and Mailbox on Same box with
    Domain Joined in Corporate LAN.. But my edge is placed on DMZ and it is ready with all configuration, Mailbox Server Synchronization is also installed with Edge. Means all required configuration are properly configured and it is verified. But I want clients
    to OWA Access from Edge only. Because I want to restrict my internal network from the internet. So kindly provide me any possible ways to access OWA from Edge only ??. I have see some another methods like "Web Application Proxy instead of TMG because
    TMG is expired"..
    Kindly provide me possible ways or URL so I will configure it..
    Thanks.
     Fuzail (FM)

    Hi,
    Is there any further question on this thread?
    Thanks,
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Simon Wu
    TechNet Community Support

  • Mail flow to Edge Transport from a different AD site

    Trying to define a solution for *outbound* load balancing from Exchange 2013 organisation between Edge Transport servers.
    Setup:
    1 Edge Transport server in SiteA
    1 Edge Transport server ins SiteB
    Both subscribed to the AD site in SiteA and are therefore on the same send connector (to allow automatic load balancing and failover)
    Situation:
    Lets say all MBX/CA servers in SiteA go offline.  Can an MBX/CA server in SiteB send email directly to the Edge Transport that is subscribed to the AD site in SiteA, or does there need to be an MBX/CA server available in SiteA to hop through?
    I'm hoping for an answer to be backed up clearly by a TechNet article or authoritative source as I can't really work with guesses.
    Thanks.
    Let’s say I have an Edge Transport subscribed to ADSiteA.  All MBX/HT servers in ADSiteA go down.  Can a MB/HT server in ADSiteB send an email directly to an Edge Transport subscribed to ADSiteA, or does it need to hop through an MBX/HT in the
    subscribed site?
    David

    Hi David
    One or more Edge Transport servers can be subscribed to a single Active Directory site. However, an Edge Transport server can't be subscribed to more than one Active Directory site. If you have more than one Edge Transport server deployed, each server can
    be subscribed to a different Active Directory site. Each Edge Transport server requires an individual Edge Subscription.
    A subscribed Edge Transport server is associated with a particular Active Directory site. If more than one Hub Transport server exists in the site, any of them can replicate data to the subscribed Edge Transport servers.
    I dont think there is a solution to subscribe  edge servers for more than 1 site 
    Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com

  • Co-Locate Client Access and Edge Transport Role on Same Server?

    Co-Locate Client Access and Edge Transport Role on Same Server?
    Is it possible/supported to install the Edge Transport Server Role on the same machine that the Client Access role is installed on now that 2013 SP1 has added support back in for the Edge Transport Role?
    jon

    No.
    Unless something has radically changed from before...
    EDIT
    No, nothing has changed:
    "If you want to install the Exchange 2013 Mailbox or Client Access roles on a computer, see
    Install Exchange 2013 Using the Setup Wizard. The Edge Transport role can't be installed on the same computer as the Mailbox or Client Access server roles."
    http://technet.microsoft.com/en-us/library/dn635117(v=exchg.150).aspx
    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

  • Edge Transport Server - Exchange 2013 coexistence Exchange 2007

    Hi Exchange-Gurus,
    We have one Exchange Org.
    sub AD Domain1: A.domain.com (with Exchange 2007 SP3 R10)
    sub AD Domain2: B.domain.com (with Exchange 2013 CU6); DMZ contains Exchange Transport Server - Exchange 2013
    Is it possible to install within the DMZ of AD Domain1   a Edge Transport Server - Exchange 2013?
    Thanks.
    Guitarman

    Hi Guitar,
    Thank you for your question.
    Is it possible to install within the DMZ of AD Domain1 
    an Edge Transport Server - Exchange 2013?
    A: Yes, we could create an Exchange 2013 Edge server on the DMZ of AD domain1.
    Notice: Before we create an EdgeSync Subscription between an Exchange 2007 Hub Transport server and an Exchange 2013 SP1 Edge Transport server, we need to install Exchange 2007 SP3
    Update Rollup 13 or later on the Exchange 2007 Hub Transport server.
    We could refer to the following link:
    https://technet.microsoft.com/en-us/library/aa996719(v=exchg.150).aspx
    If there are any questions regarding this issue, please be free to let me know.
    Best Regard,
    Jim

  • Deploy Exchange 2013 Edge Transport Server for multi-site environment

    Hi,
    I have a multi-site Exchange 2013 environment. The configurations are as below.
    Active Directory Sites and Exchange Servers.
    SiteA - EXMB1 & EXCAS1
    SiteB - EXMB2 & EXCAS2
    SiteC - EXMB3 & EXCAS3
    All sites are connected via VPN. (Good speed. No latency issues)
    All the three Mailbox Servers are in DAG. Only one mailbox database. All servers running Exchange 2013.
    I am planning to deploy Edge Servers in the infrastructure (I am doing it for the first time). Normally, it will be in DMZ.
    Now, I can deploy 2 Edge Servers for reliability.
    Question.
    1. Can I deploy 2 Edge Servers and create subscription to all the mailbox server in 3 different site? Or, is it like one edge server can make subscription to only mailbox servers in one Active Directory Site? I am not sure about this and could not find much
    information from TechNet.
    One Edge Server can make subscription to all 3 mailbox server in 3 sites. Similarly, I can make the subscriptions in the second edge server as well. Configure 2 external MX records with the same priority so that there will be some load balancing.
    Also, in such a case if the mailbox database become active from a different site, I need not make any new changes to the Edge Servers right?
    2. If the first way is not correct, I will have to deploy 1 Edge Server each for each of the Active Directory Site. (In DMZ only, not in domain)
    Make Edge Subscription to the mailbox server in corresponding site.
    Make 1 MX record and point it to the Edge Server which is subscribed to the Mailbox Server from which the Database is Active. The problem is, every time will have to change the DNS record when ever the database copy is activated from a different mailbox
    server. And the issues with propagation.. delay..
    I am not sure which of the above 2 ways will work. Appreciate suggestions from anyone who have previous experience with similar infrastructure.
    Thanks in advance. :)

    Hi 
    One or more Edge Transport servers can be subscribed to a single Active Directory site. However, an Edge Transport server can't be subscribed to more than one Active Directory site. If you have more than one Edge Transport server deployed, each server can be
    subscribed to a different Active Directory site. Each Edge Transport server requires an individual Edge Subscription.
    A subscribed Edge Transport server is associated with a particular Active Directory site. If more than one Mailbox server exists in the site, any of them can replicate data to the subscribed Edge Transport servers.
    I don't think there is a solution to subscribe  edge servers for more than 1 site. Edge Servers can be scoped only to one site.
    Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish
    (MVP)

  • Edge Transport Role as Email Gateway

    Hi Experts,
    We are planing to deploy exchange email server (Exchange Server-2013 Multi-Role servers) in our HQ (contoso.com) and 4 Edge Transport in other 4  client development sites(client1.com, clinet2.com, client3.com and Client4.com) so that applications running
    in HQ can send emails to respective client development sites domain using edge transport. Development sites are using external email address (mail.clinet1.com and so on). There is no requirement of incoming mail on Edge in Client site because they have compete
    hosted email solution. Just our Edge transport in client will process the mail received from HQ and will forward to Client's  External email address.
    I would appreciate if you can help me to get answer for these queries.
    Do you think this conceptual design is possible? Exchange solution in HQ and Edge transport in Client site and that Edge will forward emails to External Domain using send connector for  restive client's domain? 
    What secure (Only secure) port we need to open on Edge so that It can talk to External Email servers to deliver emails? 
    If we don't want to expose our Multi-Role exchange severs in HQ to Internet , do you think Exchange server in HQ  should be capable for incoming emails using one additional EDGE or still need to expose CAS services in HQ. We need Outlook, OWA and
    Active Sync as well for HQ (contoso.com).
    What secure port we need to open in case of CAS server? 

    Hi  Lynx
    Thank you for your question.
    I think you have a CAS and mailbox in your site. In order to receive HQ’s email, you can create accept domain, you can refer to the following link:
    http://technet.microsoft.com/en-us/library/bb124423(v=exchg.150).aspx
    in your HQ, I suggest you can separate multi-role servers into two parts, you can do NLB and DAG, because NLB cannot co-existed with DAG. I also suggest you have an edge server in your HQ.
    If client site want to talk to external email, you need to register domain name in your ISP, for example mail.domain.com,autodiscovery.domain.com……
    Secure ports were opened  that is determined  the connect way of your outlook; the more details you can refer to the following link:
    http://blogs.technet.com/b/exchange/archive/2013/02/18/exchange-firewalls-and-support-oh-my.aspx
    If there are any questions, please let me know.
    Best Regard,
    Jim

  • Exchange 2013 Edge Transport Replacement

    Hi all,
    I have a quick question regarding a new 2013 Edge Transport that I need to move to a physical machine.
    It currently resides on a VM and I would like to decommission this machine, remove the edge subscription and redeploy the same configuration on a physical box.
    Do you see any issues using the same name and IP with the new box?  I know it says it is not supported to rename the edge, but If I remove it completely and redeploy?

    Hi Scott4768,
    Based on my experience, you should uninstall the EDGE server which on a VM and then re-install it on a physical box, and you could use the same IP and name.
    In simple terms, the steps are following:
    1. Remove-EdgeSubscription
    2. uninstall EDGE server
    3. re-install EDGE server on a physical box
    4. Create New-EdgeSubscription
    Best regards,
    Eric

  • Edge Transport 2013

    Is it possible to install the Edge Transport Role with the CAS server role on Exchange 2013 SP1? If so, I read that the Edge Transport must not be domain joined, but does the CAS have to be if I use a dual-role box? (Am I answering my own question? :-))
    Thanks for thoughts, explainations and help

    Hi, 
    You want to install the Edge Transport Role with CAS server role on Exchange Server 2013 SP1.
    As per my information, Edge Transport Role is installed in a Perimeter network.
    You can install the Edge Transport Server Role on a domain- joined computer only for enabling domain management of windows features and settings.
    The Edge Transport Server Role does not use Active Directory itself. Instead, it uses the Active Directory Lightweight Directory Services (AD LDS) windows feature to store configuration and recipient information.
    That’s why Edge Transport Role can’ be installed on the same computer as the Mailbox or Client Access server roles install.
    Thanks and regards
    Ashish@S 
    Ashish@V

  • Edge Transport Upgrade to SP3

    I am in the process of upgrading my Exchange 2010 Edge Server to SP3.  The Edge Server sits in a DMZ part of the DMZ Workgroup.  While the EMC updated to SP3, the Edge Transport has not.
    The following error was logged:
    [05/01/2014 02:22:13.0642] [1] 0.  ErrorRecord: The AD LDS schema import process ldifde.exe failed with error code 8224.  No schema has been imported into AD LDS. View the Setup logs for more information.
    [05/01/2014 02:22:13.0642] [1] 0.  ErrorRecord: Microsoft.Exchange.Management.Edge.SetupTasks.AdamSchemaImportProcessFailureException: The AD LDS schema import process ldifde.exe failed with error code 8224.  No schema has been imported into AD LDS.
    View the Setup logs for more information.
       at Microsoft.Exchange.Management.Edge.SetupTasks.ManageAdamService.ImportAdamSchema(String instanceName, String schemaFilePath, String macroName, String macroValue)
       at Microsoft.Exchange.Management.Edge.SetupTasks.InstallAdamSchemaTask.InternalProcessRecord()
    [05/01/2014 02:22:13.0688] [1] [ERROR] The following error was generated when "$error.Clear(); 
     install-AdamSchema -LdapFileName ($roleInstallPath + "\Setup\Data\schemaadam.ldf")
    " was run: "The AD LDS schema import process ldifde.exe failed with error code 8224.  No schema has been imported into AD LDS. View the Setup logs for more information.".
    My question is, should the upgrade be able to contact our AD domain to get the schema import?  Or should I export this data from our AD domain controller?
    Thank you for reviewing.

    Hello,
    Before you upgrade edge transport server, you need to upgrade other exchange server role to sp3.
    Normally, if the Microsoft Exchange EdgeSync service can performs scheduled updates, the information in AD LDS will remain current.
    It is able to contact your AD domain to get schema import during upgrading.
    I recommend you check if 50636 port is opened during updating exchange 2010 Edge server to sp3.
    Please use EXBPA again your exchange server health.
    Please check if there is related error in application log.
    Cara Chen
    TechNet Community Support

  • Edge Transport

    Hello every one.. :)
    I'm just new to learning  the technology of exchange server 2013 and i wanted to ask... is it enough to run only two roles (mailbox & client access) so that i can send/receive emails from/to the internet?? or its a MUST to have a dedicated server
    to have the role of Edge transport?
    please advice.. thanks in advance.. :)

    depends :!!!
    An Edge server always have to be on the perimeter network on a standalone server or VM.
    Yes you live without an Edge Server and have both CAS/MBX roles installed (recommended) on the same box/server
    But you will need to protect your Exchange from anti-spam and anti-malware , either you go with and Edge server or have EOP (Exchange Online Protection)
    Hope that answers your question Jaber.
    Where Technology Meets Talent

  • Edge transport new subscription error

    I have an edge transport server (exch 2013 SP1) in a perimeter environment. The networks are flat during setup. But when running the new-edgesubscription, I get the error below. I am running in the exchange PS. Not sure how else to run it to avoid
    the error below. Any help would be greatly appreciated. 
    [PS] C:\Windows\system32>New-EdgeSubscription -FileName "C:\EdgeSubscriptionInfo.xml"
    New-EdgeSubscription : You can't use the FileName parameter when running this command inside your Exchange
    organization.
    At line:1 char:1
    + New-EdgeSubscription -FileName "C:\EdgeSubscriptionInfo.xml"
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (:) [New-EdgeSubscription], InvalidOperationException
        + FullyQualifiedErrorId : [Server=EDGE01,RequestId=8ded90eg-f44a-4378-a544-a68c985bb61d,TimeStamp=3/8/2015 3:
       08:59 PM] [FailureCategory=Cmdlet-InvalidOperationException] 625C8CCE,Microsoft.Exchange.Management.SystemConfigur
      ationTasks.NewEdgeSubscription
    [PS] C:\Windows\system32>

    Hi mvkes1,
    Thank you for your question.
    There are some factors we should make sure:
    Run this command on Edge server.
    Edge server is independent of other Exchange role on separated server
    Edge server didn’t join domain
    If there are any questions regarding this issue, please be free to let me know. 
    Best Regard,
    Jim
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
    Jim Xu
    TechNet Community Support

  • Transport Questions and Questionnaires from Dev to QAS or to PRD

    Question
    How do we transport questions and questionnaires from dev to QAS or to PRD. Do you type all them again or there is process no. What is best process others do
    Answer
    As you must be aware, Questionnaires are updated from a Recruiter start page in the front end which cannot be saved in a change request.
    At least Iu2019m not aware of any other way to move the Questionnaire details across clients.
    I know that it is quite a bit of a task to repeat the activity of maintaining questions and response in questionnaire/s across clients, particularly When you have to maintain big questionnaires (with lots of questions & multiple responses).But As it is , Process templates, Questionnaires have been considered as a recruiters day-to-day administration task in SAP which has to be done from the front end even in live environment
    Any body has soloution ?
    Thanks.
    Saquib
    http://aspirehr.com/HCM_solutions/hcm_solutions.asp

    Hi Vishal,
    As you must be aware, Questionaires are updated from a Recruiter start page in the front end which cannot be saved in a change request.
    Atleast i'm not aware of any other way to move the Questionnnaire details across clients.
    i know that it is quite a bit of a task to repeat the activity of maintaining questions and response in questionnaire/s across clients, particularly When you have to maintain big questionnaires (with lots of questions & multiple responses).But As it is , Process templates, Questionnnaires have been considered as a recruiters day-to-day administration task in SAP which has to be done from the front end even in live environment.
    So if you are a part of the Implementation Consulting team, it is your responsibility to train the core team in doing the activity in live environment. Hope this information helps.
    Best regards
    G Raj

  • RBL not working on Exchange 2013 Edge Transport

    Single multi-role server with a couple of mailboxes, recently added an Edge Transport server. After configuring the Edge Subscribtion I added sen.spamhaus.org as a RBL Provider:
    Add-IPBlockListProvider -Name Spamhaus -LookupDomain zen.spamhaus.org
    This is not working. A lot of spam is still entering Exchange and the http://www.crynwr.com/spam/ test failed.
    Both servers run Exchange 2013 CU5.
    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Hi,
    Yes, the command is specific for provider SpamHaus.
    http://tweaks.com/windows/40003/cut-down-on-spam-with-ip-block-list-providers-rbl/
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety,
    or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    Have you added the additional parameters in the command and did it work?
    Thanks,
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Simon Wu
    TechNet Community Support

Maybe you are looking for

  • PPOME: Unable to assign the master cost center

    Hi, When I am trying to assign the common cost center to an Organizational unit under transaction PPOME I am unable to do that as there are employees that belong to different company code. Can you please help to assign the common (single) cost center

  • HELP! Corrupt raw .TIF files

    In 2005 I was shooting with a Canon 1Ds Mark2 and the raw files were .TIF files. There was one shoot where all the files were perfectly fine and I had no problem with them. However, I've now gone back to that shoot and every single one of the raw .TI

  • Problem with small .pct files from PC becoming big when saved on Mac

    For a big database project with Photoshop images, I create bitmap files in PS CS3 and save them as .pct files. They are 4-5 KB each. I then email them to someone with a Mac (all versions from CS2-CS5) who must open the files in PS to get the Mac data

  • Key board not working with hp 2000, window 8

    I have a hp 2000 lap top tablet with windows 8. The key board stop working. First it was the numbers, then letters. I just bought a wireless key board just so I could research the problem.  Any ideas?

  • Exporting an avi out of premiere cs4 from a tiff sequence (1024 x 576)

    Hi i would be so greatful if someone could inform me of the correct setting becouse at the moment the avi i export seems to not be wide enough. I have a tiff sequence renderd out from after effects at 1024 x 576 and set to square pixels. i am require