This is a new configuration, we have 2016 CU11 on-prem.
Having issues with the O365 Hybrid Config. we are able to send from our migrated test account that is in the cloud to both to internal users (on prem) and external users (google), however, we are not able to receiving from any source into our migrated test account in the cloud.
I have a Full Hybrid configuration with the Classic topology in place and are not using centralized mail. We also have a valid 3rd party SSL cert loaded. I have added network range for our WAN edge to both the Protection-->Connection filter and the O365 inbound connector Currently we have the O365 connector set to verify connection by certificate (3rd party from above), but have also tried adding network range to inbound connector as well.
I turned on the on-prem servers send connector’s logging to verbose and this is what is being logged no matter the changes I make.
2019-09-25T18:23:09.282Z,Outbound to Office 365,08D741D487D8E263,0,,18.104.22.168:25,*,SendRoutingHeaders,Set Session Permissions 2019-09-25T18:23:09.282Z,Outbound to Office 365,08D741D487D8E263,1,,22.214.171.124:25,*,,attempting to connect 2019-09-25T18:23:10.284Z,Outbound to Office 365,08D741D487D8E263,2,,126.96.36.199:25,*,,"Failed to connect. Winsock error code: 10061, Win32 error code: 10061, Destination domain: *tenantname*.mail.onmicrosoft.com, Error Message: No connection could be made because the target machine actively refused it 188.8.131.52:25."