Solved

Exchange 2010 sp2 r5 ActiveSync fails on iPhones for non-internet facing CAS

Posted on 2013-01-07
4
767 Views
Last Modified: 2013-06-04
I have 2 CAS server, the internet facing CAS iPones are able to sync with Exchange but the non-internet facing Exchange are erroring with "Error: [System.Net.WebException]: The remote server returned an error: (403) Forbidden." when I run test-activesyncconnectivity.  The policy for activesync is set to "allow non-provisionable devices".  This started after I ran the digicert  tool to point the activesync to my external domain name. This is the current setting:

[PS] C:\>get-activesyncvirtualdirectory -server exchserver | fl internalurl,externalurl

InternalUrl : https://email.externaldomain.com/Microsoft-Server-ActiveSync
ExternalUrl :
Anyone have any ideas on how to fix?
0
Comment
Question by:CityofSpringfieldMA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 43

Expert Comment

by:Amit
ID: 38751744
Why you need non internet facing server to work with Iphone...everyone should come from internet facing server...
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38751796
Iphone would only work with Internet facing device as all devices connect through Internet

- Rancy
0
 

Author Comment

by:CityofSpringfieldMA
ID: 38751873
when I reset back to the internal server name the iphones start working.

[PS] C:\>get-activesyncvirtualdirectory -server exchserver | fl internalurl,externalurl

InternalUrl : https://exch-non-internetfacing.internal.lan/Microsoft-Server-ActiveSync
ExternalUrl :
What am I doing wrong?
0
 
LVL 43

Accepted Solution

by:
Amit earned 500 total points
ID: 39108959
First you need to publish the public name. Say if you want to use.

oma.yourdomain.com then you need to get this register on to public domain. Next you need to add this name into you SAN certificate.

Next you need either TMG or ISA to do the reverse proxy to your internet facing CAS server. Also you need to apply cert in TMG or ISA also.
http://araihan.wordpress.com/2010/04/09/how-to-publish-exchange-activesync-in-forefront-tmg-2010/

Then you need configure active setting in your CAS server with basic authentication. Leaver server internal url as it is. That is correct. External URL leave blank. For more read Proxy and Redirection in Exchange 2010.
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
This video discusses moving either the default database or any database to a new volume.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question