Email on Iphone will Work on external Netowrks but not internal wifi

Have a look at issue 3 here: http://support.apple.com/kb/TS1868

Seems to be a known issue

You need a split DNS system so that the external host name resolves internally.
http://exchange.sembee.info/network/split-dns.asp

The single host name replacement method should work fine.

Simon.

I need a little more help here.  The internal clients connect to the mail using the FQDN Server01.Comanyname.local I dont want to have to change all the clients existing config.   The way the existing setup for external mail is either the IP address or MX.companyname.com cant i just add something for the interanl DNS lookup so is the see the MX.companyname.com it will point to the mail server or will this cause an issue?

I am assuming the iphone is already set up with the email account and then you are turning on wifi to start using it internally. Since it is already using the external ip address, it will still be trying to reach that address. On your firewall you can enable the wifi clients to only access the external IP for the email server instead of blocking all traffic. Or for internal DNS, point the server name that you used to set up the account on the iphone to the internal ip address of the mail server.

Another possibility is that it may be trying to validate the SSL certificate with an external certificate authority and it does not have internet access to do that. In this case you should enable the internal clients to have outside access to the crl lists e.g. crl.verisign.com
http://www.verisign.com/repository/crl.html

Simplest answer:
If the iphone is set to point to mail.mycompany.com make sure the internal record for the mail host is set to the internal ip address.

I just read your last comment. Since you have split DNS, you need to create a duplicate zone in DNS for companyname.com. Add a host for whatever the mail server name is and point it to the internal ip address of the server. Basically you are copying any external DNS record to the internal zone and referencing the internal ip addresses. You would not need to reconfigure  internal clients.

Still no joy I added the company.com record in the dns and it still wont point if i used the FQDN company.com-tcp.company.local it will go to the mail server when I do a NSlookup I still get the external ip address

Whatever you are entering in to the ActiveSync clients as the FQDN needs to have an internal DNS entry.

You are probably entering host.example.com rather than just example.com.
Also ensure that the clients are using the server for DNS only, and are not getting DNS from the router for example.

Simon.

DNS is provided by the server.  On the device I am entering host.company.com.  In the DNS console I added the Host.company.com forwarder it lists under the .com entry but still when i run lookup I get the exernal IP