Exchange 2007 and Exchange 2010 in same org and subnet loose the ability to telnet on port 25. Do an arp -d and then they can ping again and telnet, mail will flow again. Exch 2007 is 10.10.1.1 and exch 2010 is 10.10.1.20. Same subnet mask. Same gateway. Other servers can telnet consistently to either device. Just occurs between these two. There is an Edge server that is going to be retired. Disabled NIC on this device on the Internet facing NIC. Thought maybe had a duplicate IP address, changed Exch 2010 server address from 10.10.1.2 to 10.10.1.20. Did not fix issue. Thinking of doing static arp entry/ Any other ideas to fix this issue?

As Ned Flanders would say, "that sounds like a dilly of a pickle." There are a lot of possibilities for this sort of odd behavior. Upon reading the first half of your post, I was thinking "duplicate IP address," but then I saw that you went down that road a little. How are the servers in question connected physically? Are they in the same switch or different switches? Features like Cisco's VTP auto-pruning can cause strange ARP issues, as non-intuitive as that sounds, since auto-pruning is a VLAN thing (layer-2) while ARP is like a layer2-3 bridge protocol. I would investigate a little further into the physical layout of the devices and if other devices are connected in a similar fashion if they exhibit the same behavior. I know you said these were the only problem devices, but that's the best I can think of as a next-step at the moment. Did you try setting static ARP entries to see if that fixed it? I don't like this as a long-term solution (and it can cause trouble down the road if you forget about it). Can you verify that the ARP entry that you see is in fact the NIC address of the other server? Not to be a conspiracy theorist, but an ARP spoofing attack could also cause this sort of behavior. Good luck, Matt

Hi, Firstly, I’d like to verify that the MAC address list in arp cache was correct. So please follow the below steps to troubleshoot this issue: 1. When the issue occurs, type arp -a >C:\arp1.txt 2. Then, try to clear ARP cache by run arp -d 3. Ping the Exchange server, and output the arp information again, please run arp -a>C:\arp2.txt 4. Compare the two txt files, to see if the MAC address is the same. If you have any update, please feel free to let us know. Best Regards, Aiden

All MAC and IP addresses match exactly. Turned on WINS, did static map on ARP table, isolated switches to their own switch. Stop communicating after several minutes. Run arp -d and they talk again. Any more ideas?

Forefront is loaded on the Exchange 2007 server but not the Exchange 2010 server. Will this shutdown the telnet connection?

Hi, Thanks for your update. In order to troubleshoot, you may try to monitor the traffic with Microsoft Network Monitor. http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=4865 1. When it occurs, run Network Monitor and start capturing. 2. Telnet the Exchange server on 25 port. 3. Stop the capturing, save the result. 4. Clear ARP cache. 5. Start a new capture, telnet the server again, and save the capture file. Please upload the file to Windows Live SkyDrive, and paste the link here for us to analyze the report. In addition, as this issue may be related to the Exchange server or Forefront setting. For best experience and suggestions, you may consider post this issue to the Exchange and Forefront Forum. This will provide access to others who familiar with this issue and who will give you effective suggestions. Exchange server forum http://social.technet.microsoft.com/Forums/en-us/category/exchangeserver Forefront forum http://social.technet.microsoft.com/Forums/en-us/category/forefront Best Regards, Aiden

Hi, Thanks for your update. In order to troubleshoot, you may try to monitor the traffic with Microsoft Network Monitor. http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=4865 1. When it occurs, run Network Monitor and start capturing. 2. Telnet the Exchange server on 25 port. 3. Stop the capturing, save the result. 4. Clear ARP cache. 5. Start a new capture, telnet the server again, and save the capture file. Please upload the file to Windows Live SkyDrive, and paste the link here for us to analyze the report. In addition, as this issue may be related to the Exchange server or Forefront setting. For best experience and suggestions, you may consider post this issue to the Exchange and Forefront Forum. This will provide access to others who familiar with this issue and who will give you effective suggestions. Exchange server forum http://social.technet.microsoft.com/Forums/en-us/category/exchangeserver Forefront forum http://social.technet.microsoft.com/Forums/en-us/category/forefront Best Regards, Aiden