Solved

can't get exchange 2003 mail account onto iphone or any smartphones except of BBs

Posted on 2011-09-05
26
597 Views
Last Modified: 2012-08-14
Hi

another office i work for, have vmware consol with esva mail server exchange 2003 on sbs2003. i can add users on active directory then i could sync email accounts with their BBs using BIS just fine.

the problem is i cannot configure same email accounts on iphone or htc or samsung smartphones.
i tried with and without ssl, i am sure usernames and passwords are correct and i am also sure of server name.

in another office i work for (different network), Exchange emails work fine on iphones and on s2.

i get error "cannot verify server identity" so i am assuming it's a licence or trusted certificate problem but i don't know where to start, i appreciate all your help.

thank you
0
Comment
Question by:russus
  • 14
  • 9
  • 2
26 Comments
 
LVL 9

Expert Comment

by:davealford
ID: 36484218
HAve you forwarded HTTPS (TCP port 443) from your firewall to server?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 36484251
Please have a read through my article about Exchange 2003 / Activesync so that you can check your server configuration and tweak any incorrect settings as necessary:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html

Any problems, please let me know.

Alan
0
 

Author Comment

by:russus
ID: 36484453
thank you both, i checked to see if 443 is opened, and it looks like it is. but when i test it using "canyouseeme.org" i get error: i could not see the service on ip address 192.*.*.* (port 443) reason: network is unreachable.



please see attached and let me know what im doing wrong
thank you
443-opened.JPG
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36484480
What Firewall / Router do you have?  Sometime the Remote Management of the router is mapped to the Router itself and you will therefore have to change the default port to something like 444 instead of 443.

That should allow port 443 to be passed through the router.
0
 

Author Comment

by:russus
ID: 36484486
to be honest, it's the first time i connect to this firewall, it is "monowall" and to access it, i put https:\\defaultGatewayIP:48484
0
 

Author Comment

by:russus
ID: 36484494
so you're saying to open port 444 and forward it to the mail server exactly same to 443?
0
 

Author Comment

by:russus
ID: 36484546
i tested port 25 and 80 and i get same error with network unreachable! how can it be? i still receive emails on 25
0
 
LVL 9

Expert Comment

by:davealford
ID: 36484590
Check the TCP port 443 rule in the monowall configuration and confirm it is forwarding to the correct internal IP address
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36485228
Don't open & forward port 444 - Activesync can't use ports other than 80 / 443.

Sounds like a firewall issue / firewall configuration issue if the port isn't testing as open.  Not heard of a monowall before!!
0
 

Author Comment

by:russus
ID: 36487033
dave i could see a rule that forwards anything that comes through port 443 to the ip address of the mail server
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36487190
Let's ignore the firewall for now - in case it is working and in stealth mode or similar.

Please read my article, visit the test site at https://testexchangeconnectivity.com, run the Exchange Activesync test (DO NOT RUN ANYTHING WITH AUTODISCOVER) and then post the results.

You can obscure your domain name / IP Address (or I can for you).

Alan
0
 

Author Comment

by:russus
ID: 36487454
Alan i read your article, i started with the points and got stuck with testing port 443. i'll run the test and post results shortly. thanks
0
 

Author Comment

by:russus
ID: 36487485
Alan pls find connectivity test attached
connectivity-test.JPG
0
 

Author Comment

by:russus
ID: 36487489
Please remove any sensitive data if i've forgotten something. thank you
0
 

Author Comment

by:russus
ID: 36487871
any follow up? i don't know much about certificates in fact this is maybe the first time i had to deal with this. it says on the image attached "validating certificate name failed" then i went in "tell me more how to resolve" but couldnt find much or didn't know what to look for.

all your help is appreciated. thank you
0
 

Author Comment

by:russus
ID: 36487990
hey alan, in your article, in
Exchange 2003 (Part of Small Business Server):

Microsoft-Server-Activesync Virtual Directory
•      Authentication = Basic
•      Default Domain = NETBIOS domain name - e.g., yourcompany*
•      Realm = NETBIOS name
•      IP Address Restrictions = Granted Access
•      Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked

Realm=netbios name (i keep this blank or i add "yourcompany" ?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36488073
Realm isn't vital - MS keep it blank and the Domain as "\" - but I have fixed issues by adding the Domain in as the internal NETBIOS name.

Try \ and blank and see how you get on.

As you have SBS - you can use my article to generate your own SSL cert using the correct name.

Run through the Connect to the Internet Wizard, change nothing until you get to the Cert part and create a new one for mail.domain.com (I will edit your image above later on).

Once done - re-check your IIS Settings as the Wizard usually adjusts some, then test again.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36488122
FYI - I'm travelling about today, so replies may be slow in coming.  Replacing a couple of routers for a customer at their Office / Home and setting up a site-to-site VPN.

My article should walk you through most of what you need.
0
 

Author Comment

by:russus
ID: 36488173
thanks Alan just got to the SSL Certification bit, i'll let you know how it goes.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36488178
No probs - I'm moving location again soon.
0
 

Author Comment

by:russus
ID: 36488237
Alan i got to "create web server certificate" and it is at the moment "mydomain.com" so i'll need to change that to "mail.mydomain.com" ?
pls note we access owa using "https:\\mail.mydomain.com\exchange". is changing it will affect BB users? also note BB users don't have this problem
thanks
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36488244
Yes - change that to mail.domain.com - which should make OWA users happier as they won't get an SSL cert error every time.

BB users should be fine.
0
 

Author Closing Comment

by:russus
ID: 36489082
read through article and followed instructions. the solution that worked for me was recreating ssl certificate that mached my "mail.domain.com".

Alan thank you so much for your help
0
 

Author Comment

by:russus
ID: 36489106
thank you v much Alan, changing certificate to match my "mail.domain.com" did it for me. cheers
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36490620
Great news - glad that you are working and that my article worked for you.

Don't forget to vote for it too :)

Best wishes

Alan
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Email is way too noisy, prone to hiding the important stuff, and really becoming unreliable for critical/timely communications. There are better ways to communicate.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question