Link to home
Create AccountLog in
Avatar of M_O_J_O
M_O_J_OFlag for Denmark

asked on

TMG/Exchange2010: Need help publishing activesync

Hi all,

I'm new to this so please bear with me :)

Bottom line: I can't make my company iPhones connect to my newly installed Exchange 2010 and TMG 2010 (on WinSrv2008R2).

I have 3 servers in my small company:

1. DC (SVDC)
2. Exchange 2010 Std (SVEXCHANGE)
3. Forefront 2010 (SVTMG)

All servers are of course updated with all from windowsupdate.

Since I have no certificate on my exchange server, I disabled SSL on the "default web site" (this worked fine with OWA and I disabled it too on "Microsoft-Server-ActiveSync". I know the risk of not using SSL between TMG and Exchange.

I've used the "Exchange Webclient Access Publishing Rule" to publish the active sync.

When I try to connect from my iPhone, I get the following TMG log:

Failed Connection Attempt SVTMG 15-02-2011 17:24:55
Log type: Web Proxy (Reverse)
Status: 0x80090325  
Rule: MAIL - ActiveSync Clients
Source: External (my_home_ip:40561)
Destination: Local Host (SVEXCHANGE 10.0.0.4:443)
Request: OPTIONS http://activesync.mydomain.dk/Microsoft-Server-ActiveSync 
Filter information: Req ID: 0a07c9a9; Compression: client=No, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=no, valid=no, updated=yes, logged off=no, client type=unknown, user activity=yes
Protocol: https
User: anonymous
 Additional information
Client agent: Apple-iPhone3C1/803.148
Object source: Internet (Source is the Internet. Object was added to the cache.)
Cache info: 0x8 (Request includes the AUTHORIZATION header.)
Processing time: 1 MIME type:

It seams like it is trying to log on anonymously?

I'm not sure where it goes wrong and how to proceed.

I need your help desperately!

Thanks!

:)
Mojo
Avatar of Satya Pathak
Satya Pathak
Flag of India image

This issue seems to be Forefront 2010 (SVTMG)

https://www.experts-exchange.com/questions/20970817/Certificate-problem-for-VPN.html

Also i would suggest you to please check SSL permission.

1) Autodiscover: Basic and Integrated authentication   SSL Optional
2) EWS : Integrated authentication                     SSL Optional
3) Exadmin : Basic and Integrated authentication       NO SSL
4) Exchange : Basic and Integrated authentication      SSL Optional
5) Exchweb : Basic and Integrated authentication       NO SSL
6) Microsoft-Server-ActiveSync: Basic authentication   SSL Optional
7) OAB : Integrated authentication                     SSL Optional
8) OWA : Basic authentication                          SSL Optional
9) Public : Basic and Integrated authentication        SSL Optional
Avatar of M_O_J_O

ASKER

Hi SatyaPathak,

Thank you for helping me out here!!

Checking SSL permission ... is that on the IIS on the Exchange server?

Thx!

:)
ASKER CERTIFIED SOLUTION
Avatar of M_O_J_O
M_O_J_O
Flag of Denmark image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of M_O_J_O

ASKER

Found solution (se above)