Hub Transport and Edge is not working as it should

Not open for further replies.



2x HUB/CAS (having 2 certificates, 1x selfsigned and 1x digicert SAN) Exchange 2010 SP1
2x MBX in a DAG Exchange 2010 SP1
2x TMG/Edge/Forefront (having 2 certificates, 1x selfsigned and 1x digicert SAN) Exchange 2010 RTM, no SP1 since it breaks the TMG for the moment, hotfix is coming soon...

Edgesync process:
1. From the TMG/Edge servers I've generated the Edge Subscription Files.
2. Imported both on one of the HUB/CAS servers
3. Two Edge Servers are listed in EMC under EdgeSubscription
4. On the Send Connector "EdgeSync - Default-First-Site-Name to Internet", I changed the MX DNS to a Smarthost
5. On one of the HUB/CAS I ran the Start-EdgeSynchronization cmdlet and got some errors

HUB01 > Edge01 configuration CouldNotConnect
HUB01 > Edge01 recipients CouldNotConnect

HUB01 > Edge02 configuration Success
HUB01 > Edge02 recipients Success

HUB02 > Edge01 configuration CouldNotConnect
HUB02 > Edge01 recipients CouldNotConnect

HUB02 > Edge02 configuration Success
HUB02 > Edge02 recipients Success

If I send 10 emails to the internet, 5 of those are delivered successfully to its destination, the other 5 are stuck in the mailqueue on HUB01.
421 4.3.2 Service not available

I can only telnet from HUB02 to Edge01 on port 25.
I have verified on the logs in TMG that both servers are accepting port 50636, 50389
I can ping all servers from all servers using NETBIOS and FQDN, so no DNS issue

What I have tried:
I have removed all self-signed certificates from both HUB/CAS and EDGE servers.
I have removed the edge subscription from the environment
I have created a new edge subscription

I'm currently trying to find why I can't telnet to the other servers.

Since the mail works from one hub to one edge it MIGHT not be the lack of Exchange 2010 SP1 on the Edge servers. If no mail had gone out this could definitely be the issue...

Other than that I don't know what to look for.



I'd start by turning up the log levels on the smtp logging on the hub server that's not able to send and then see what the protocol logs tell you.

Are both of the hub servers in the same site, and is there a firewall between the hub and edge servers?

[string](0..33|%{[char][int](46+(" 686552495351636652556262185355647068516270555358646562655775 0645570" ).substring(($_*2),2))})-replace " "


SMTPSend says: 421 4.3.2 Service not available all the time

All servers are in the same site.

We can see that the connections are received on the TMG/Edge server from both HUB servers, both telnet port 25 and start or test-edgesynchronization.

Seems that there is something with Exchange that is not providing the SMTP service correctly?


Does the smtp log on the edge server show the connection attempt?

Are the receive connectors on both the edge servers set up the same?



Hi again,

Hub SMTP Send says: 421 4.3.2 Service not available
Edge SMTP Receive says: 421 4.3.2 Service not available

The receive connectors on the edge are both the same; exchange server authentication!


Are the network settings the same on both?


More questions: one should be able to telnet on port 25 from any HUB server in the AD site to any of the EDGE servers that are subscribed right?

Seems edgesync is fine now, after rebooting and rebuilding the subscription from scratch, (4th time I did this).

However, the mail is still in the edge queue on both hub servers and I can't telnet to the edge from any hub server, both log and telnet say: 421 4.3.2 Service not available

Any more suggestions?


You should be able to telnet to port 25 on any of the Edge servers that are in the Send connector. An edge subscription doesn't necessarily make it available for sending mail out.



Hi again,

Since I can't telnet I checked the Microsoft Transport Service and it's up and running, have also tried to restart the service. Same issue.
TMG says it receives the request, it doesn't block it so what in god's name is blocking the service/request!?



Logged on to one of the edge servers and I can't even telnet to the localhost.

telnet localhost or servername 25 with the same response:

421 4.3.2 Service not available

MSExchange Transport Service is running...


Found the issue,

If I disabled the NLB NIC (private) on both HUB servers, we could Telnet and the mail is starting to fly! :)

Now I must see what's wrong with the NLB!

Brucey Bonus

Assuming the smarthost is internal, add your NLB NIC interfaces to the allow list on your SMTP smarthost. I've got exactly the same issue and this workaround is satisfactory. The network binding order is set correctly on the HT server so I don't know why it is sending over the NLB interface and not the LAN.

I've got physical HP servers, the adaptors are teamed using HP NCU. There are two teams per server, each containing two NICs. Operating system is Windows 2008. Windows NLB is configured for the CAS ports only, but not for port 25. NLB is unicast, one NIC is used for NLB load balancing (on specified TCP ports) and the other NIC for all other traffic.

My smarthost is in a DMZ so the problem is easy enough to workaround.
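
A way to check which local interface the rejection follows, as an added example that is not part of any post in this thread: the script connects to the SMTP listener once from each local IPv4 address and records the first reply line, so a `220` banner from the LAN address next to a `421 4.3.2` from the NLB address confirms the source-interface behaviour described above. The target name `edge01.example.local` is a placeholder and the function name is hypothetical; only standard .NET classes are used.

```powershell
# Added example: probe an SMTP listener from every local IPv4 address in turn.
# $TargetHost is a placeholder; substitute an Edge server or smarthost name.
param(
    [string]$TargetHost = 'edge01.example.local',
    [int]$Port = 25,
    [int]$TimeoutMs = 5000
)

function Get-SmtpBannerFromSource {
    param([System.Net.IPAddress]$SourceIP, [System.Net.IPAddress]$TargetIP,
          [int]$Port, [int]$TimeoutMs)

    # Binding to (SourceIP, port 0) forces the connection to originate from that address.
    $local  = New-Object System.Net.IPEndPoint($SourceIP, 0)
    $client = New-Object System.Net.Sockets.TcpClient($local)
    try {
        $async = $client.BeginConnect($TargetIP, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) { return 'CONNECT TIMEOUT' }
        $client.EndConnect($async)
        $stream = $client.GetStream()
        $stream.ReadTimeout = $TimeoutMs
        $reader = New-Object System.IO.StreamReader($stream)
        return $reader.ReadLine()   # first line the listener sends back
    }
    catch   { return "ERROR: $($_.Exception.Message)" }
    finally { $client.Close() }
}

# Resolve the target once, IPv4 only, so every probe hits the same address.
$targetIP = [System.Net.Dns]::GetHostAddresses($TargetHost) |
    Where-Object { $_.AddressFamily -eq 'InterNetwork' } | Select-Object -First 1
if (-not $targetIP) { throw "No IPv4 address found for $TargetHost" }

$results = foreach ($nic in [System.Net.NetworkInformation.NetworkInterface]::GetAllNetworkInterfaces()) {
    if ($nic.OperationalStatus -ne 'Up' -or $nic.NetworkInterfaceType -eq 'Loopback') { continue }
    foreach ($ua in $nic.GetIPProperties().UnicastAddresses) {
        if ($ua.Address.AddressFamily -ne 'InterNetwork') { continue }
        New-Object PSObject -Property @{
            Interface = $nic.Name
            SourceIP  = $ua.Address.ToString()
            Reply     = Get-SmtpBannerFromSource $ua.Address $targetIP $Port $TimeoutMs
        }
    }
}

# One row per local address: compare the reply for the LAN NIC with the NLB NIC.
$results | Format-Table Interface, SourceIP, Reply -AutoSize
```

Run it on each hub server; the interface whose row shows the `421` reply is the one whose address needs to be allowed on the receiving side, or kept off the outbound path.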