We have Exchange 2010/Exchange 2013 in a coexistence setup and mail has been working fine for a few years. We're making some changes to our edge, removing the current SMTP Relay Device and replacing it with an Exchange 2013 Edge Server. I've installed the edge server and Start-EdgeSynchronization shows a success result and Test-EdgeSynchronization shows SyncStatus: Normal.
Additionally, I can connect to port 25 from a PowerShell window just fine. For test purposes, I've limited the EdgeSync - site to Internet connector to a single domain. When I try to send mail to a user in that domain I can see the mail stuck in a queue:
Next Hop: EdgeSync - site to Internet connector
Delivery Type: SMTP Relay in Active Directory Site to Edge Transport Server
Status: Retry
The last Error is:
451 4.4.0 Primary target IP Address responded with: "451 5.7.3 Cannot achieve Exchange Server authentication." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
I've tried searching on that but I haven't found anything relevant to my situation (i.e. a lot of solutions referencing prior versions of Exchange but none that I can make work for me).
Any suggestions?