Async through Guest WiFi

Posted on 2012-09-12
Last Modified: 2012-09-13
Hi, All.
I have some problem with my company user smartphones connecting to Exchange through our company WiFi.
WiFi LAN is in the different VLAN.
We have a WiFi access point.
SSID called Guest. The WiFi IP range is 192.168.227.x.
We have a RADIUS server connected to this AP.
We have a different VLAN and we use switch IP Helpder for DHCP.
DHCP running on DC and have two scopes: 192.168.227.x and 192.168.228.x
My LAN IP range is 192.168.228.x.
The problem is that my smartphone users have internet access but they cant connect with their smartphones via Guest WiFi to Exchange.
What I need to do to able connect from smartphone via Guest WiFi only to Exchange (via Async protocol), because its a Guest Wifi.
If you have any other ways to fix it - welcome,
Thank you.
Question by:levkiper
    LVL 63

    Expert Comment

    by:Simon Butler (Sembee)
    This isn't really an Exchange issue, but a networking issue.
    You are going to have to allow the Guest wifi network access to the production network.
    Furthermore the URL used for ActiveSync will have to resolve on the guest wireless to the internal IP address of Exchange.
    ActiveSync is just https, so that is all you will have to allow through from the VLAN.


    Author Comment

    Hi, Simon.
    Thank you for your fast reply,
    but how can I enable only ONE https link through VLAN? (for example from VLAN 2 to VLAN 5)
    thank you.
    LVL 9

    Expert Comment

    I presume you dont want ASync to work from the Internet?

    You need to create a rule on the Switch/Firewall to allow any traffic from 192.168.227.x to the IP of the Exchange box - you could also tie down to specific port - 443.

    DNS Would need to be able to resolve the Exchange Server name to an IP address via the Guest WiFi.
    LVL 63

    Accepted Solution

    No idea. That is a VLAN configuration issue. You need to speak to whoever supports the VLAN technology to work that out. It will not be just HTTPS, you will have to allow routing for that IP address, then use the firewall to limit the port traffic.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Create high volume marketing opportunities using email signatures with these top 10 DOs and DON'Ts of email signature marketing.
    Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
    In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
    This video discusses moving either the default database or any database to a new volume.

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now