Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Exchange 2010 sp2 r5 ActiveSync fails on iPhones for non-internet facing CAS

Posted on 2013-01-07
4
Medium Priority
?
795 Views
Last Modified: 2013-06-04
I have 2 CAS server, the internet facing CAS iPones are able to sync with Exchange but the non-internet facing Exchange are erroring with "Error: [System.Net.WebException]: The remote server returned an error: (403) Forbidden." when I run test-activesyncconnectivity.  The policy for activesync is set to "allow non-provisionable devices".  This started after I ran the digicert  tool to point the activesync to my external domain name. This is the current setting:

[PS] C:\>get-activesyncvirtualdirectory -server exchserver | fl internalurl,externalurl

InternalUrl : https://email.externaldomain.com/Microsoft-Server-ActiveSync
ExternalUrl :
Anyone have any ideas on how to fix?
0
Comment
Question by:CityofSpringfieldMA
  • 2
4 Comments
 
LVL 44

Expert Comment

by:Amit
ID: 38751744
Why you need non internet facing server to work with Iphone...everyone should come from internet facing server...
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38751796
Iphone would only work with Internet facing device as all devices connect through Internet

- Rancy
0
 

Author Comment

by:CityofSpringfieldMA
ID: 38751873
when I reset back to the internal server name the iphones start working.

[PS] C:\>get-activesyncvirtualdirectory -server exchserver | fl internalurl,externalurl

InternalUrl : https://exch-non-internetfacing.internal.lan/Microsoft-Server-ActiveSync
ExternalUrl :
What am I doing wrong?
0
 
LVL 44

Accepted Solution

by:
Amit earned 2000 total points
ID: 39108959
First you need to publish the public name. Say if you want to use.

oma.yourdomain.com then you need to get this register on to public domain. Next you need to add this name into you SAN certificate.

Next you need either TMG or ISA to do the reverse proxy to your internet facing CAS server. Also you need to apply cert in TMG or ISA also.
http://araihan.wordpress.com/2010/04/09/how-to-publish-exchange-activesync-in-forefront-tmg-2010/

Then you need configure active setting in your CAS server with basic authentication. Leaver server internal url as it is. That is correct. External URL leave blank. For more read Proxy and Redirection in Exchange 2010.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question