here is my senario andi need a calrification on myconserns!! we have 2 hub-cas servers in WNLB mode each server has 2 NIC's as follows HubCas1 Public: 192.168.0.241 Gw: 192.168.0.10 NLB : 192.168.0.243 NO GW, NLBVirtual IP: 192.168.0.252 HubCas2 Public: 192.168.0.242 Gw: 192.168.0.10 NLB: 192.168.0.244 NO GW, NLB Virtual IP : 192.168.0.252 we have done NLB using windows NLB and we configured theload balancingonboth theNLB NIC's here is the article that i've followed exactly!! http://exchangeserverinfo.com/2008/03/20/network-load-balance-for-hub--cas--exchange-2007.aspx query No 1: what would be the IP i will use to publish my Exchange Serverfrom my CISCO ASA FW (The Nlb virtual IP? or one of the public NIC IP) as far as i understand i will need to makethe NATing on the FW from my public Real IP nated to my privatevirtual nlb IP queryNo 2: based on the link provided above we have denied SMTP port 25 on the NLB so my question here is how the emails will be transported to the hub transport servers if port 25 isdisabled on the NLB,also bear in mind that the same exact NLB configuration are mentioned onthe same articiles on MSExchange.org query No 3: in case idid a natingon the FW from my public realip to the NLB virtual IP when i send a mail from inside to the internet i found out that the source ip wasmy CISCO FW outsideinterface not the nated realIP the one which is pointed to MX recorde our network engineer says thats this is avery wrong coz if any domain make a reverse lookup he will consider you as a spammer is that right?? waiting for replies ASAP!!!!!!! Thank You Kind RegardsAhmad Ramadan AbaYazeed

Dear , please find my comment.query No 1: what would be the IP i will use to publish my Exchange Serverfrom my CISCO ASA FW (The Nlb virtual IP? or one of the public NIC IP) as far as i understand i will need to makethe NATing on the FW from my public Real IP nated to my privatevirtual nlb IP( NLB should not be used to distribute connections for internal routing between Hub Transport servers. http://technet.microsoft.com/en-us/library/bb124398.aspxqueryNo 2: based on the link provided above we have denied SMTP port 25 on the NLB so my question here is how the emails will be transported to the hub transport servers if port 25 isdisabled on the NLB,also bear in mind that the same exact NLB configuration are mentioned onthe same articiles on MSExchange.org (it will use public NIC , u can remove all and only allow TCP 25 )query No 3: in case idid a natingon the FW from my public realip to the NLB virtual IP when i send a mail from inside to the internet i found out that the source ip wasmy CISCO FW outsideinterface not the nated realIP the one which is pointed to MX recorde our network engineer says thats this is avery wrong coz if any domain make a reverse lookup he will consider you as a spammer is that right?? ( i think you follow ur Network Enginee)waiting for replies ASAP!!!!!!!

Dear AhmadThank You for your post1- i know that i should not use the NLB virtual ip for internal routing between hub to hub servers i was talking about the incoming conenctions from the internet to my ex orgso i mean should l NAT my public real IP to the NLB Virtual IPon the ASA Firwall to allow external connection to come to meor what??2- r u sure that no matter the smtp port in disabled on the virtual NLB NIC it will go to the public nic and from it to the internet??3- what u r saying to follow my network engineer i dont think i agree on that cos this is a proffen solution from microsoft and tested and noone mentioned anything about itwaiting ur replyAhmad Ramadan AbaYazeed