Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Exchange 2010 sp2 r5 ActiveSync fails on iPhones for non-internet facing CAS

Posted on 2013-01-07
4
756 Views
Last Modified: 2013-06-04
I have 2 CAS server, the internet facing CAS iPones are able to sync with Exchange but the non-internet facing Exchange are erroring with "Error: [System.Net.WebException]: The remote server returned an error: (403) Forbidden." when I run test-activesyncconnectivity.  The policy for activesync is set to "allow non-provisionable devices".  This started after I ran the digicert  tool to point the activesync to my external domain name. This is the current setting:

[PS] C:\>get-activesyncvirtualdirectory -server exchserver | fl internalurl,externalurl

InternalUrl : https://email.externaldomain.com/Microsoft-Server-ActiveSync
ExternalUrl :
Anyone have any ideas on how to fix?
0
Comment
Question by:CityofSpringfieldMA
  • 2
4 Comments
 
LVL 42

Expert Comment

by:Amit
ID: 38751744
Why you need non internet facing server to work with Iphone...everyone should come from internet facing server...
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38751796
Iphone would only work with Internet facing device as all devices connect through Internet

- Rancy
0
 

Author Comment

by:CityofSpringfieldMA
ID: 38751873
when I reset back to the internal server name the iphones start working.

[PS] C:\>get-activesyncvirtualdirectory -server exchserver | fl internalurl,externalurl

InternalUrl : https://exch-non-internetfacing.internal.lan/Microsoft-Server-ActiveSync
ExternalUrl :
What am I doing wrong?
0
 
LVL 42

Accepted Solution

by:
Amit earned 500 total points
ID: 39108959
First you need to publish the public name. Say if you want to use.

oma.yourdomain.com then you need to get this register on to public domain. Next you need to add this name into you SAN certificate.

Next you need either TMG or ISA to do the reverse proxy to your internet facing CAS server. Also you need to apply cert in TMG or ISA also.
http://araihan.wordpress.com/2010/04/09/how-to-publish-exchange-activesync-in-forefront-tmg-2010/

Then you need configure active setting in your CAS server with basic authentication. Leaver server internal url as it is. That is correct. External URL leave blank. For more read Proxy and Redirection in Exchange 2010.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question