M_O_J_O
asked on
TMG/Exchange2010: Need help publishing activesync
Hi all,
I'm new to this so please bear with me :)
Bottom line: I can't make my company iPhones connect to my newly installed Exchange 2010 and TMG 2010 (on WinSrv2008R2).
I have 3 servers in my small company:
1. DC (SVDC)
2. Exchange 2010 Std (SVEXCHANGE)
3. Forefront 2010 (SVTMG)
All servers are of course updated with all from windowsupdate.
Since I have no certificate on my exchange server, I disabled SSL on the "default web site" (this worked fine with OWA and I disabled it too on "Microsoft-Server-ActiveSy nc". I know the risk of not using SSL between TMG and Exchange.
I've used the "Exchange Webclient Access Publishing Rule" to publish the active sync.
When I try to connect from my iPhone, I get the following TMG log:
Failed Connection Attempt SVTMG 15-02-2011 17:24:55
Log type: Web Proxy (Reverse)
Status: 0x80090325
Rule: MAIL - ActiveSync Clients
Source: External (my_home_ip:40561)
Destination: Local Host (SVEXCHANGE 10.0.0.4:443)
Request: OPTIONS http://activesync.mydomain.dk/Microsoft-Server-ActiveSync
Filter information: Req ID: 0a07c9a9; Compression: client=No, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=no, valid=no, updated=yes, logged off=no, client type=unknown, user activity=yes
Protocol: https
User: anonymous
Additional information
Client agent: Apple-iPhone3C1/803.148
Object source: Internet (Source is the Internet. Object was added to the cache.)
Cache info: 0x8 (Request includes the AUTHORIZATION header.)
Processing time: 1 MIME type:
It seams like it is trying to log on anonymously?
I'm not sure where it goes wrong and how to proceed.
I need your help desperately!
Thanks!
:)
Mojo
I'm new to this so please bear with me :)
Bottom line: I can't make my company iPhones connect to my newly installed Exchange 2010 and TMG 2010 (on WinSrv2008R2).
I have 3 servers in my small company:
1. DC (SVDC)
2. Exchange 2010 Std (SVEXCHANGE)
3. Forefront 2010 (SVTMG)
All servers are of course updated with all from windowsupdate.
Since I have no certificate on my exchange server, I disabled SSL on the "default web site" (this worked fine with OWA and I disabled it too on "Microsoft-Server-ActiveSy
I've used the "Exchange Webclient Access Publishing Rule" to publish the active sync.
When I try to connect from my iPhone, I get the following TMG log:
Failed Connection Attempt SVTMG 15-02-2011 17:24:55
Log type: Web Proxy (Reverse)
Status: 0x80090325
Rule: MAIL - ActiveSync Clients
Source: External (my_home_ip:40561)
Destination: Local Host (SVEXCHANGE 10.0.0.4:443)
Request: OPTIONS http://activesync.mydomain.dk/Microsoft-Server-ActiveSync
Filter information: Req ID: 0a07c9a9; Compression: client=No, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=no, valid=no, updated=yes, logged off=no, client type=unknown, user activity=yes
Protocol: https
User: anonymous
Additional information
Client agent: Apple-iPhone3C1/803.148
Object source: Internet (Source is the Internet. Object was added to the cache.)
Cache info: 0x8 (Request includes the AUTHORIZATION header.)
Processing time: 1 MIME type:
It seams like it is trying to log on anonymously?
I'm not sure where it goes wrong and how to proceed.
I need your help desperately!
Thanks!
:)
Mojo
ASKER
Hi SatyaPathak,
Thank you for helping me out here!!
Checking SSL permission ... is that on the IIS on the Exchange server?
Thx!
:)
Thank you for helping me out here!!
Checking SSL permission ... is that on the IIS on the Exchange server?
Thx!
:)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Found solution (se above)
https://www.experts-exchange.com/questions/20970817/Certificate-problem-for-VPN.html
Also i would suggest you to please check SSL permission.
1) Autodiscover: Basic and Integrated authentication SSL Optional
2) EWS : Integrated authentication SSL Optional
3) Exadmin : Basic and Integrated authentication NO SSL
4) Exchange : Basic and Integrated authentication SSL Optional
5) Exchweb : Basic and Integrated authentication NO SSL
6) Microsoft-Server-ActiveSyn
7) OAB : Integrated authentication SSL Optional
8) OWA : Basic authentication SSL Optional
9) Public : Basic and Integrated authentication SSL Optional