Solved

Exchange 2010 sp2 r5 ActiveSync fails on iPhones for non-internet facing CAS

Posted on 2013-01-07
4
736 Views
Last Modified: 2013-06-04
I have 2 CAS server, the internet facing CAS iPones are able to sync with Exchange but the non-internet facing Exchange are erroring with "Error: [System.Net.WebException]: The remote server returned an error: (403) Forbidden." when I run test-activesyncconnectivity.  The policy for activesync is set to "allow non-provisionable devices".  This started after I ran the digicert  tool to point the activesync to my external domain name. This is the current setting:

[PS] C:\>get-activesyncvirtualdirectory -server exchserver | fl internalurl,externalurl

InternalUrl : https://email.externaldomain.com/Microsoft-Server-ActiveSync
ExternalUrl :
Anyone have any ideas on how to fix?
0
Comment
Question by:CityofSpringfieldMA
  • 2
4 Comments
 
LVL 41

Expert Comment

by:Amit
ID: 38751744
Why you need non internet facing server to work with Iphone...everyone should come from internet facing server...
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38751796
Iphone would only work with Internet facing device as all devices connect through Internet

- Rancy
0
 

Author Comment

by:CityofSpringfieldMA
ID: 38751873
when I reset back to the internal server name the iphones start working.

[PS] C:\>get-activesyncvirtualdirectory -server exchserver | fl internalurl,externalurl

InternalUrl : https://exch-non-internetfacing.internal.lan/Microsoft-Server-ActiveSync
ExternalUrl :
What am I doing wrong?
0
 
LVL 41

Accepted Solution

by:
Amit earned 500 total points
ID: 39108959
First you need to publish the public name. Say if you want to use.

oma.yourdomain.com then you need to get this register on to public domain. Next you need to add this name into you SAN certificate.

Next you need either TMG or ISA to do the reverse proxy to your internet facing CAS server. Also you need to apply cert in TMG or ISA also.
http://araihan.wordpress.com/2010/04/09/how-to-publish-exchange-activesync-in-forefront-tmg-2010/

Then you need configure active setting in your CAS server with basic authentication. Leaver server internal url as it is. That is correct. External URL leave blank. For more read Proxy and Redirection in Exchange 2010.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now