troubleshooting Question

Exchange 2003 SBS with a iPAQ hw6515 using mobile services

Avatar of Jeffesmi
Jeffesmi asked on
9 Comments2 Solutions2386 ViewsLast Modified:
This is going to be long, so I'm giving good points just for reading it. :-)

I've got a client with the following setup:

DSL Connection to Internet using Linksys Router
Dynamic DNS setup to allow external access to network resources via a VPN running on server
Port Forwarding used to pass VPN traffic from Intenet to 2003 SBS VPN
Newly installed/Configured Exchange Server on the 2003 SBS box
Two Verizon Samsung Windows Mobile Phones using a Verizon Wireless Sync (by Intellisyn - works okay)
--- All above is configured and works

Just added to the mix: HP iPaq 6515 running Mobile 2003 on Cingular

Originally, I thought there would just be another Sync agent provided by Cingular to do the same thing.  However, from everything I'm seeing and hearing from Cingular, I have to configure "Mobile Services" on my Exchange server to get this phone working to sync the phone with the exchange mailbox.  Following is my plan.  What I'm looking for is additions, deletions, comments, suggestions, alternatives, etc.  My (possibly insane) plan :-) :

1) Create a port forwarding rule for port 26675 (Active Sync Port) to the server
      -Are any othe ports used in the active sync process?
2) Disable SSL on the server for Mobile Services and on the devices (I have a document on disabling SSL on the mobile device, but I haven't found one for the server yet, and it sounds like SSL is enabled by default on the Server.)  
      -99% of the traffic is non-sensitive calendar data... will disabling the SSL create any unanticipated security vulnerabilities?
3) point the device to our dynamic dns entry
      -note:  I'd prefer to Connect to the netwrork via VPN first, but eventhough the VPN works flawlessly from a PC, I can't get the iPaq VPN to work. Any common problems with VPNs on this type of mobile 2003 phone?
4) Configure the Rules
5) Sync the device
6) Live happily ever after

Thoughts? Suggestions? Has anyone else done this?  Am I crazy to do this for one phone? We currently have ports 47 & 1723 forwarded to the server for PPTP.  Does forwarding 26675 and/or other ActiveSync ports create a serious vulnerability to the system?

Thanks in Advance,

Jeffery Smith
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 2 Answers and 9 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 9 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros