Avatar of DurandL
DurandL
 asked on

New Router causing Exchange ActiveSync issues

Client moved buildings and in the process replaced their old router. Now ActiveSync doesn't work on their iPhones. IP stayed the same. I can access webmail and OMA. Any ideas anyone?
Hardware FirewallsExchangeSmartphones

Avatar of undefined
Last Comment
DurandL

8/22/2022 - Mon
Alan Hardisty

Activesync only needs port 443 opened up and forwarded to your server.

What router is now installed and has port 443 been forwarded?

Some routers use this port to access the router remotely, so it may need to be reconfigured.

Visit www.canyouseeme.org and check port 443.  What is the result?
DurandL

ASKER
Port 443 is open. As I said, users can get to webmail and OMA.
Alan Hardisty

Okay - please visit https://testexchangeconnectivity.com and run the Exchange Activesync test.
What version of Exchange are you using?
Are you using a self-certified certificate or a 3rd party trusted SSL certificate?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
DurandL

ASKER
They have SBS 2k3..


Here is with Ignore SSL unchecked:


Testing Exchange ActiveSync
 Exchange ActiveSync test Failed
 Test Steps
 Attempting to resolve the host name mail.paolodesigngroup.com in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 64.122.245.58

Testing TCP Port 443 on host mail.paolodesigngroup.com to ensure it is listening and open.
 The port was opened successfully.
Testing SSL Certificate for validity.
 The SSL Certificate failed one or more certificate validation checks.
 Test Steps
 Validating certificate name
 Successfully validated the certificate name
 Additional Details
 Found hostname mail.paolodesigngroup.com in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 Certificate trust validation failed
  Tell me more about this issue and how to resolve it
 Additional Details
 The certificate chain did not end in a trusted root. Root = CN=mail.paolodesigngroup.com, CN=companyweb, CN=pao-server-001, CN=localhost, CN=pao-server-001.paolodesigngroup.local

Ignore SSL checked:

Testing Exchange ActiveSync
 Exchange ActiveSync test Failed
 Test Steps
 Attempting to resolve the host name mail.paolodesigngroup.com in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 64.122.245.58

Testing TCP Port 443 on host mail.paolodesigngroup.com to ensure it is listening and open.
 The port was opened successfully.
Testing SSL Certificate for validity.
 The certificate passed all validation requirements.
 Test Steps
 Validating certificate name
 Successfully validated the certificate name
 Additional Details
 Found hostname mail.paolodesigngroup.com in Certificate Subject Common name

Testing certificate date to ensure validity
 Date Validation passed. The certificate is not expired.
 Additional Details
 Certificate is valid: NotBefore = 11/30/2006 5:13:15 PM, NotAfter = 11/30/2011 5:13:15 PM"



Testing Http Authentication Methods for URL https://mail.paolodesigngroup.com/Microsoft-Server-Activesync/
 Http Authentication Test failed
 Additional Details
 An HTTP 500 response was returned from Unknown


Thanks!
-DurandL
ASKER CERTIFIED SOLUTION
Alan Hardisty

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
DurandL

ASKER
Ended up moving to Google Apps.