Solved

Mobile users can't sync after router/IP change

Posted on 2008-10-08
10
279 Views
Last Modified: 2013-12-05
Hi,
 Recently we switched over from a DSL Internet connection to a T1.  As a result we changed our router and public IP address.  
 Up until the change my 2 mobile users (WM6 on alltel) were getting their push email from exchange no problem.  After the change neither can sync any more; they get the '85010014' error code.

-I did change our domain registration to reflect the new IP and from the outside I've verified the name resolves to the new address

-We did open port 443 on the router and I can access our OWA via https

-I also captured network traffic from the SBS server and I can see the phone will start a conversation with the server but after only 5 secs the phone sends a RST,ACK packet.

-We also temporarily opened all ports on the router with no change.

-A quick review of the 3rd party signed security certificate only shows the domain name (no IP numbers)

  Does anyone have any ideas of what the problem might be or what specifics logs/settings I could check to find an answer?
0
Comment
Question by:wallacjc
  • 4
  • 4
  • 2
10 Comments
 
LVL 15

Expert Comment

by:tenaj-207
ID: 22673034
Have you tried to remove/delete the phone account and readd it?
Can you access OWA from outside the company as well as inside?
0
 

Author Comment

by:wallacjc
ID: 22673087
Hi,
- Have not tried deleting the phone account from SBS.
- I definitely can access OWA from the outside; have not tried inside.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 22673984
My guess would be it is certificate related where you changed the public IP.
If you are using a "home grown"/SBS generated certificate re-run the Configure E-mail and Internet Connection Wizard, and you will likely have to re-install the certificate on the phone. If it is a purchased certificate you will likely have to buy a new one.
0
 
LVL 15

Expert Comment

by:tenaj-207
ID: 22674132
To confirm if it's an issue with the certificate you could go into IIS and turn off the SSL for the Default Web Site, Exchange-oma, microsoft-server-activesync, and OMA, then change the phone settings to use port 80 instead of 443.  Also make sure the firewall has port 80 forwarded to the exchange server.  This test would show you if it's an issue with the security certificate.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 22674160
Be careful "tweaking" IIS with SBS
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 

Author Comment

by:wallacjc
ID: 22674345
I am tempted to try bypassing SSL to isolate the 3rd party certificate as the cause but I viewed the certificate and I couldn't see anything that seemed to be related to the old IP (only mentions domain name).  

Is a certificate supposed to be unique to the IP address the domain name resolves to at the time the certificate is created?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 250 total points
ID: 22674473
No the IP should not be related to the certificate, but if you changed the router, especially if that resulted in changing the server's WAN IP you are supposed to re-run the CEICW.
0
 

Author Closing Comment

by:wallacjc
ID: 31504422
Thanks for the help; I re-ran the CEICW and now it works.  Most of the options I saw during the wizard I left alone but I did notice it pulled up the old gateway number (I changed it manually in the NIC properties).  
0
 

Author Comment

by:wallacjc
ID: 22683031
Well  I re-ran the CEICW and now it works.  The mobile users are syncing again.

 Most of the options I saw running the wizard I left alone but I did notice it pulled up the old gateway number (although I changed that manually in the NIC properties).

 It would be nice to know what changes it made exactly.  

 Thanks everyone for their help.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 22683073
Glad to hear you were able to resolve.
SBS requires you ALWAYS use the wizards as they affect so many services. Manual changes to not cover all your basis. Any changes to networking services requires re-running the CEICW, and if you ever wish to change the LAN IP not using the change IP server wizard and doing so manually can even result in the need to rebuild the server.
Thanks wallacjc.
Cheers !
--Rob
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now