Open rosenbluh opened 4 years ago
Edge subscriptions are failing because we are allowing only UDP but the edge subscription relies on secure LDAP which is TCP. Only UDP packets are allowed by the security group.
Could you please change udp to tcp in the templates?
Thanks.
templates/exchange-old.template - lines 2982-2986
```json
"IpProtocol": "udp",
"FromPort": "50636",
"ToPort": "50636",
"CidrIp": {
    "Ref": "PrivateSubnet1CIDR"
```
templates/exchange.template - lines 1760-1781
```yaml
EXCHEdgeSecurityGroup:
  Condition: DeployEdge
  Type: AWS::EC2::SecurityGroup
  Properties:
    GroupDescription: Enable communications for Exchange Edge Transport Servers
    VpcId: !Ref VPCID
    SecurityGroupIngress:
      - Description: Edge Server directory synchronization
        IpProtocol: udp
        FromPort: 50636
        ToPort: 50636
        CidrIp: !Ref PrivateSubnet1CIDR
      - Description: Edge Server directory synchronization
        IpProtocol: udp
        FromPort: 50636
        ToPort: 50636
        CidrIp: !Ref PrivateSubnet2CIDR
      - Description: Edge Server directory synchronization
        IpProtocol: udp
        FromPort: 50636
        ToPort: 50636
        CidrIp: !Ref PrivateSubnet3CIDR
```
I just figured out how to create a pull request.
https://github.com/aws-quickstart/quickstart-microsoft-exchange/pull/28
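A static check for the misconfiguration reported in this issue, added here as an example (not code from the Quick Start repository): it flags any security group that opens port 50636 without a TCP rule. The function names, the `HypotheticalFixedGroup` resource and the sample template are constructed for illustration, and only JSON-format templates are handled.

```python
import json

# Ports that need one transport; per the issue, 50636 (secure LDAP) is TCP.
EXPECTED = {50636: "tcp"}
ALIASES = {"6": "tcp", "17": "udp"}  # IpProtocol also accepts IANA numbers
# Constructed sample in the JSON template style, not the project's template.
SAMPLE = json.loads("""
{"Resources": {
  "EXCHEdgeSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "SecurityGroupIngress": [
      {"IpProtocol": "udp", "FromPort": "50636", "ToPort": "50636",
       "CidrIp": {"Ref": "PrivateSubnet1CIDR"}}]}},
  "HypotheticalFixedGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "SecurityGroupIngress": [
      {"IpProtocol": "6", "FromPort": 50000, "ToPort": 51000,
       "CidrIp": {"Ref": "PrivateSubnet1CIDR"}}]}}
}}
""")

def protocols_covering(rules, port):
    """Set of normalized protocols whose ingress rules include the port."""
    found = set()
    for rule in rules:
        proto = str(rule.get("IpProtocol", "")).lower()
        proto = ALIASES.get(proto, proto)
        if proto != "-1":  # "-1" means all protocols and ignores the port range
            try:
                low, high = int(rule["FromPort"]), int(rule["ToPort"])
            except (KeyError, TypeError, ValueError):
                continue  # port comes from a Ref/parameter: not checkable here
            if not low <= port <= high:
                continue
        found.add(proto)
    return found

def find_mismatches(template):
    """List (group, port, protocols opened, protocol needed) for each miss."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        rules = res.get("Properties", {}).get("SecurityGroupIngress", [])
        for port, needed in EXPECTED.items():
            found = protocols_covering(rules, port)
            if found and needed not in found and "-1" not in found:
                findings.append((name, port, sorted(found), needed))
    return findings

if __name__ == "__main__":
    print(find_mismatches(SAMPLE))
```

A group is reported only when the port is opened on some protocol but never on the required one, so a group that allows both UDP and TCP on 50636 passes.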