VirtualMetric Hyper-V Monitoring, Hyper-V Reporting


Cozumpark Bilisim Portali
Hosted Exchange 2010 Setup Guide – Part 4
Posted in Exchange Server | 6 Comments | 23,727 views | 31/08/2010 12:13

At Part 3, We configured OWA service and SSL certificate. This part, we will configure our 2 Hub Transport servers, EXGW01 and EXGW02. I’ll use Citrix Netscaler again to make a load balance between them.

Now on EXGW01, open Exchange Management Shell and execute;

New-ReceiveConnector -Name 'Inbound SMTP Array' -Usage 'Custom' -Bindings '','' -Fqdn '' -RemoteIPRanges '' -Server 'EXGW01'

Do same thing on EXGW02:

New-ReceiveConnector -Name 'Inbound SMTP Array' -Usage 'Custom' -Bindings '','' -Fqdn '' -RemoteIPRanges '' -Server 'EXGW02'

Use Get-ReceiveConnector to see recently added connectors:


Enable receive connectors to get mail from external mail address:

Get-ReceiveConnector "Inbound *" | Set-ReceiveConnector -PermissionGroups:AnonymousUsers,ExchangeUsers,ExchangeServers

Disable default receive connectors:

'EXGW01\Default *' | Set-ReceiveConnector -Enabled $false
'EXGW02\Default *' | Set-ReceiveConnector -Enabled $false
'EXGW01\Client *' | Set-ReceiveConnector -Enabled $false
'EXGW02\Client *' | Set-ReceiveConnector -Enabled $false

Now add new receive connectors for EXGW01 and EXGW02:

New-ReceiveConnector -Name 'EXGW01 SMTP' -Usage 'Custom' -Bindings '','94101.92.3:587' -Fqdn '' -RemoteIPRanges '' -Server 'EXGW01'
New-ReceiveConnector -Name 'EXGW02 SMTP' -Usage 'Custom' -Bindings '','94101.92.4:587' -Fqdn '' -RemoteIPRanges '' -Server 'EXGW02'

Configure load balancing on Citrix Netscaler. First add service definition as TCP – 25 for EXGW01.

Add same service definition for EXGW02 and Create a Virtual Server:

Choose Least Connection as LB Method:

Now telnet your NLB ip and you should see your FQDN:

Ok, now lets create a send connector to send mails to external address:

New-SendConnector -Name 'Exchange Gateway' -Usage 'Custom' -AddressSpaces 'SMTP:*;1' -DNSRoutingEnabled $true -UseExternalDNSServersEnabled $false -Fqdn '' -SourceTransportServers 'EXGW01','EXGW02'

Create a SSL request for EXGW01:

New-ExchangeCertificate -FriendlyName '' -GenerateRequest -PrivateKeyExportable $true -KeySize '2048' -SubjectName 'C=TR,S="Metrocity",L="Istanbul",O="Radore Hosting",OU="IT",' -DomainName '','','EXCAS01','EXCAS02','EXGW01','EXGW02' -Server 'EXGW01'

Buy your commercial certificate and save certificate code to C:\cert.txt.
Import your certificate on EXGW01:

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path C:\Cert.txt -Encoding byte -ReadCount 0)) -Password:(Get-Credential).password

Assign SMTP services to certificate. Don’t forget to use your own Thumbprint.

Enable-ExchangeCertificate -Server 'EXGW01' -Services 'SMTP' -Thumbprint '5C9F5C946CAC544F054D24'

We will export our certificate and import it to second Hub Transport server, EXGW02.

$File = Export-ExchangeCertificate -Thumbprint '5C931E54FDA054D24' -BinaryEncoded:$true -Password (Get-Credential).password
Set-Content -Path "C:\htcert2.pfx" -Value $File.FileData -Encoding Byte

Now, transfer your pfx file to EXGW02 and import it:

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\htcert2.pfx -Encoding Byte -ReadCount 0)) -Password:(Get-Credential).password -PrivateKeyExportable $true

Enable SMTP service for EXGW02:

Enable-ExchangeCertificate -Server 'EXGW02' -Services 'SMTP' -Thumbprint '03BB616D714D03B9476'

Go to Citrix Netscaler again and create a Virtual Server for SMTP.
Choose SSL as protocol and 443 as port number.

Configure LB method as Least Connection.

Check Hosted Exchange 2010 Setup Guide Part 3 for how to import SSL Certificate to Citrix:

Bind SSL certificate to virtual server.

Also you can add HTTP, 80 as another Virtual Server.

Please follow Hosted Exchange 2010 Part 3 for how to add HTTP 80 Virtual Server.

Go to EXGW01 and EXGW02, open IIS manager (inetmgr) and navigate to SSL Security for Default Web Site.

Clear “Require SSL” and click Accept from SSL settings.

Now test your Exchange Server 2010 SMTP address:

Wadaaaa again! We finished Citrix Netscaler Load Balancing for Hub Transport Servers.
Next Part, We will see how to configure Forefront Protection 2010 for Exchange Servers.
Thanks for reading.

Please continue with Part 5:

Hosted Exchange 2010 – Hosted Exchange 2010 Installation

Comments (6)

Yusuf Ozturk » Hosted Exchange 2010 Setup Guide – Part 3

September 3rd, 2010

[…] Please continue with Part 4: […]

Maxima Mithani

April 21st, 2011

Thank you for posting this. You have heart and intellegents and I hope this blog does well.


July 14th, 2011

Hi Yusuf,

Thanks for publishing this post. I have learnt a lot from it.
Just one quick question.

When running Get-ReceiveConnector “Inbound *” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient” aren’t you creating an open relay as it is an internet facing connector?



July 14th, 2011

I can’t remember why i did that. Let me quickly check current configuration. I know that there is a routing problem between organizations in Hosted Exchange 2010 SP1, maybe that was for that.


October 3rd, 2011

Hi Yusuf,

I would like to ask if you have any source regarding how to do email level backup on a hosted Exchange. We are using Asigra, but it can only see the mailboxes that are registered to the main domain, not the hosted ones.



October 4th, 2011

Hello Akos,

Have you tried Data Protection Manager 2010? You can do mailbox level backups. I use it for backup solution.


Leave a Reply