Edge Transport Role in Exchange Server 2010 provides an important layer of security between external and internal messaging infrastructure. The Edge server analyses messages and can identify spam, content, connection trends and take the appropriate action to prevent delivery of potentially harmful content, spam, and other undesired messages. So, all message coming to and going form entire organization scanned through Edge Transport Server and verify with the policies deployed in it then pass through toward external networks. The Edge Transport server plays a vital role in the messaging infrastructure, protecting the organization from attack and the preventing delivery of unnecessary email, which ultimately can save an organization’s reputation, reduce administrative overhead, and increase productivity.
Installation Prerequisite:
Windows Server 2008 x64 SP 2 or Windows Server 2008 R2
Microsoft .NET Framework 3.5
Windows Remote Management 2.0
Windows PowerShell V2
Active Directory Lightweight Directory Services (AD LDS)
Exchange Server 2010 HT, CAS, Mailbox Roles installed in a separate Windows Server 2008 computer
Installation:
Edge Transport Config:
Now from Start>All Programs>Microsoft Exchange Server 2010>Exchange Management Console you have to configure Anti-Spam, Receive Connectors, Send Connectors, Transport Rules, Accepted Domains tabs available in Edge Transport console. on Anti-Spam tab, you have to configure Content Filtering, IP Allow List, IP Allow List Providers, IP Block List, IP Block List Providers, Recipient Filtering, Sender Filtering, Sender ID and Sender Reputation through action pan.
EdgeSync Config on an Edge Transport Server:
In Edge Transport Server, Open the Exchange Management Shell> Type following
New-EdgeSubscription –FileName “C:\Edgeinfo.xml”
Copy the Edge subscription file to the Hub Transport server into C:\Edgeinfo.xml
In Hub Transport Server, Open Exchange Management Console>Organization Configuration>Hub Transport section
In the action pane, click New Edge Subscription>New Edge Subscription Wizard.
Click Browse>select Active Directory site>Select Default First Site
Browse to the location of the Edge subscription file you copied from the Edge Transport server and click Next>Finish
Verify synchronization to the Edge Transport server’s AD LDS and review the application log in Event Viewer on both Hub and Edge Transport servers
Further Study:
Key Words: Edge Transport, Exchange 2010, AD LDS, Windows Server 2008
Hello Brother,
Can u give doc, regarding how to configure POP/SMTP/Configuration guide for ex 2010……
Waiting for your replyy
Visit http://araihan.wordpress.com/2010/03/17/how-to-configure-exchange-2010-hub-transport-ht-server/ for Hub Transport configuration. HT is the SMTP connector. start all the exchange related services in Windows. Default services should be started/Automatic status. You can create seperate connector for each of them by using Exchange Management Console.
Please be professional when seeking help. No brotherhood pls.
Regards,
Raihan
[...] Step by Step Guide on Exchange Server 2010 Edge Transport Role [...]
I am looking for HA solution for Edge/CAS/Hub transport any suggestion/design guides
Thanks,
Sunil
Hello Sunil,
Here is a how to for you. http://technet.microsoft.com/en-us/library/dd638121.aspx and http://technet.microsoft.com/en-us/library/bb124721%28EXCHG.80%29.aspx
Thanks for visiting my site. Raihan
Hi Brother,
I am planning to configure an exchange server 2010 with dynamic ip address.Do have any experience on this,please help me out,
thank you
sujith
sujith,
Dynamic IP would not work on exchange deployment. You need static IP for all exchange roles.
Regards,
Raihan
HiRaihan,
MS recommends the Edge transport server role be outside the AD environment and on another server for spam/AV protection. do you see any options here/ or pls validate this assumption.
Thanks
Ali
In best practice architecture, Edge Transport or ET is placed in DMZ. ET uses Antivirus and Antispam engine from Mcafee or Trend Micro. You need to install antivirus on the same server. You can place ET in internal network also. You can have more than one ET if you want. You can use ironport and ET together. Microsoft provide full flexibility to a systems architecture. It’s really up to you what you want.
Thank you so much bro,
I have one more question to you, currently we are using win sbs 2003 and exchange in one box as domain controller and file server for users about 20-24 and i want to discard the present machine and implement all new win server ent 2008 and exchange 2010, can u please advise the equipment to implement, like if i need to buy 2 server machines along with 2 sets of win server 2008 and exchange 2010. this would be my first experience in implementation.
god bless u
thanks
ali
[...] Step by Step Guide on Exchange Server 2010 Edge Transport Role November 2009 [...]
Can you tell me how to install a good certificate on the edge server because I have a problem after following your configuration using outlook 2010 anywhere I cannot connect to the Exchange server 2010 from internet.
I get an error message about the proxy server.
Thank you
what sort of error you are getting? Did you publish exchange using TMG?
I want to be your friend
This guide was brilliant, even better was that there is a wizard that will walk you thru the edge subscription steps instead of the powershell stuff.
Thanks!!
thanks for visiting my site
Raihan,
Thank you for the detailed instructions! Do you know if the Exchange 2010 ET and the Lync 2010 Access Edge (AE) can coexist on the same server?
Thank you!
Trevor
Its not a best practice. Please check this technet http://technet.microsoft.com/en-us/library/gg398123.aspx
The technet article does not address the questuion. I too would like to know if I can colocate the Exchange edge transport server and the Lync edge server on the same box.
my answer is no. for best practice you should not install lync edge on exchange edge. Its not a good idea at all.
hi, thanks for your step, by step guide for edge deployment.
could you provide after edge subscription, what are the configuration left on edge server
(like send connector, recieve connector, accepted domain ) do we have to create them on hub server / edge. please explain
Thanks….
All Exchange config are here http://microsoftguru.com.au/category/exchange-server-2010/
Dear
Thanks for your helpful blog . Can you give step by step for configure of external mail of exchange 2007 in one server (win2008 with active director)
Masud
http://microsoftguru.com.au/2010/03/17/how-to-configure-exchange-2010-hub-transport-ht-server/
Hello!
Please i need help.After configuring my edge transport i try synchronizing and had this error report:
EdgeSync service cannot connect to this subscription because of error “The LDAP server is
unavailable.”.
where did you put Edge Server? Do you have proper rules in firewall for edge communication
most of the emails come from outside are blocked by our exchange server. we have exchange server + edge sync(i think tmg) for sending/receiving emails from outside.
Kindly advise.
Hi guys,
i am trying to install exchange on one of my member server but it is failing while installation,when i checked DNS health on my DC the test is failing ,can you please suggest how to solve this issue
Command use for DNS health:dcdiag /test:DNS
OS :Windows server 2008 R2
Hi Raihan,
If i upgrading the exchange server edge 2007 to edge server 2010,
do i have to reconfigure anti-spam settings (ip block list, block senders etc..) in exchange 2010 server
here is detailed how to http://technet.microsoft.com/en-us/library/dd346708.aspx
Hi,
I am getting hub transport role installation failed.how to solve
Regards,
Madhav
what error you getting? have you checked installation log
hey, i am getting spam attack on exchange 2010, how i can block that too many mails are genrated. any help
Hi Raihan,
I am hoping you can help with my Exchange 2010 SP1 setup. All I am trying to accomplish is to relay mail from Exchange to Internet using SMTP, nothing complicated. Currently my mail leaves but it can take up to an hour for it to resolve DNS for the external emails am I missing something. I have SMTP and and port 53 opened on the firewall. I have setup a send and receive connector and using External DSN Lookups. Let me know if I have missed something, your help is appreciated.
How did you configure Exchange I mean what is your design layout? Can you telnet servername 25
can you use smtpdiag, check EMC>Tools>traffic flow
Hi Riahan,
I can telnet and everything is fine it is just that the mail sits in the Queue for a while and gets an error dnslookup error but the a few minutes later it resolves dns and then leaves Exchange. In order for me to get DNS to work I had to track down our various customer MX records and add it to our exchange to speed up the lookup but this isn’t the ideal method as you can tell.
Bharat
Sent from my iPhone