Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 7043
  • Last Modified:

IPhone Active Sync will not work on Internal Wifi network

I have an iphone that works wonderfully when it is connected to the 3G network or on my home network.  However, when I bring the iphone into the office and connect to the office wireless, my phone stops syncing my Exchange e-mail.  We are using the follow:

Exchange 2003 on an Server 2003 box
NO SSL enable
OWA is enabled
imap is enabled

I believe the problem is with DNS resolving the server.domain.com when inside the office but I can not seem to find the resolution.

I put a wireless router on the outside of the firewall, that did not work, I created a new DNS record to point to the exchange server, that did not work.

Any help would be greatly appreciated.
0
commeng
Asked:
commeng
  • 12
  • 9
  • 6
  • +3
2 Solutions
 
bcrosby007Commented:
It is a dns issue. Create a new zone in DNS for your mail server called domain.com.
Then create an A record for mail.domain.com that points to the private ip of your exchange server.
Worked for me...
0
 
commengAuthor Commented:
Yes, I tried that, it did not work.
0
 
bcrosby007Commented:
So from your computer, when you ping mail.domain.com, it resolves your exchange server?
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
commengAuthor Commented:
Yes.
0
 
JohnGerhardtCommented:
Ok, a couple of things.
First of all I would highly recommend that you use SSL
Second can you confirm that you are using active sync, or IMAP?
0
 
commengAuthor Commented:
We are using Active Sync and we are not using SSL
0
 
bcrosby007Commented:
Since you can get the iPhone to work externally, it should be a DNS issue. I assume you can get to the internet when you are inside your network?
0
 
commengAuthor Commented:
Yes, that is not a problem and my verizon account syncs over Pop, it is just a problem with Exchange and Active Sync.
0
 
bcrosby007Commented:
Do you have any Pocket PC's that work over the internal network?
0
 
bcrosby007Commented:
Try to connect to webmail from home PC or using Safari on iPhone over 3G.
2. If you can connect over 3G to Web mail you should be able to connect using iPhone activesync
3. It is possible you have seperate servers for internal and external access and that the External exchange server does not allow activesync.
0
 
commengAuthor Commented:
We only have one Exchange Server and the Treo's sync without a problem.
0
 
bcrosby007Commented:
Can  you browse to webmail from the safari browser?
0
 
JohnGerhardtCommented:
Ok, Sorry to be a bore but still woudl recommend SSL, you are sending password in clear text over the internet...
Can you connect to OWA internally using the same domain name that you are using for int he iPhone...
0
 
commengAuthor Commented:
Yes, I understand we should be using SSL, it is not approved, they are not going to approve, please, the whole situation is frustrating enough.  I know the benefits and the pitfalls of using/not using SSL.  We are not using it.

Back to the original issue, I was able to connect one time and receive mail while on wifi in the office and I was able to respond to a message.  Now it is broken again.  

Any ideas would be appreciated.
0
 
JohnGerhardtCommented:
Ok.

>> Can you connect to OWA internally using the same domain name that you are using for int he iPhone...
0
 
bcrosby007Commented:
ie: http://mail.domain.com......
0
 
commengAuthor Commented:
Yes
0
 
bcrosby007Commented:
and you can use the safari browser on the iPhone to connect to webmail?
0
 
JohnGerhardtCommented:
You just beat me to it bcrosby007 :-)
0
 
bcrosby007Commented:
i remember iphone ver 1x using imap... nightmare. activesync has been the bomb.... only bad thing is, internally activesync wont auto update emails.... you have to manually sync.
0
 
commengAuthor Commented:
yes they can connect using Safari
0
 
JohnGerhardtCommented:
If they can access OWA through Safari via the wireless then we have prooved that there is no DNS problem (as long as you are using the same domain name in the active sync configuration)..
Do you have any IP restrictions applied to any of the exchange virtual directories? I am running out of ideas...
0
 
commengAuthor Commented:
No I don't have any restrictions and I know, I ran out of ideas this morning when I posted the discussion.
0
 
JohnGerhardtCommented:
Ok,
If you delete the account and try and recreate it whilst connected to the internal wireless.. Does it create correctly.?
0
 
commengAuthor Commented:
No get a message can not connect to server.
0
 
commengAuthor Commented:
Well isn't that the darndest thing.  Apparently the iPhone and iTouch send a ping to the server before syncing.  If the wireless router is set to block ICMP, then you will connected to the server.  Turn off the blocking of ICMP and the will start working.
0
 
commengAuthor Commented:
Make sure that you allow ICMP on the wireless router.  Thank you guys for the help.
0
 
gbw48Commented:
I beleive the problem is that internally, exchange has an internally accesible IP and from the outside, it has a external IP. When you are on the internal network, the external IP in most cases is non routable and that is what your iphone is trying to resolve to. If you can add a host entry or a redirect entry on your access point to say requests to external mail server ip gets routed to internal mail server ip, that might solve the issue.
0
 
PEbuilderCommented:
bcrosby007: - your solution worked for me!

We have just started to add 'smartphones' to our email system and this solution helped me out of a tricky problem.
0
 
Marc BarashCommented:
Just throwing in my  $.02 here because I just experienced a similar situation on SBS2003. We installed a new Untangle firewall and forgot to change the default https:// port. When testing connection via web browser to mail.server.com, we were being redirected to the Untangle admin.

Simply changing the https:// port to something other than 443 in Config -> Administration did the trick (assuming your SBS/Exchange server is using 443 for SSL). After making this change, trying https://mail.server.com from a web browser correctly resolved to our SBS/Exchange server. Easy fix and it had nothing to do with DNS - whew!

Reading this thread helped me troubleshoot the problem I was having for our iPhone & iPad users. They were complaining that everything was working great over the weekend but this morning couldn't connect. After reading this thread I realized the problem was only internally on the Wifi network; switching to 3G enabled all devices to sync.

Thanks for pointing me in the right direction!
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 12
  • 9
  • 6
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now