Sonicwall Wireless Smart Phone Access

Posted on 2013-02-06
Last Modified: 2013-07-09
I am setting up wireless and I want to setup three types of Sonicpoints profiles or VAP's.  I have Public, internal and smartphone. I have all setup but cant get the smartphone that have activesync to connect to the internal exchange server.  I have created DNS rules with Nat Policies and also SSL.  I run the connectivity anylyzer and it works fine.  I can https:// to the owa address no problem just cant get the phones to connect.
Question by:mbaez2009
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2

Expert Comment

ID: 38860828
Have you enabled SMTP, ActiveSync, SSL, and port 80 as allowable services to pass from the SonicPoint subnet to your Exhange server's subnet in the Firewall Access rules?

Author Comment

ID: 38860918
What port is Active Sync

Accepted Solution

tjc123 earned 500 total points
ID: 38860947
I just checked my Sonicwall firewall rules for my Sonicpoint WLAN subnet to my internal LAN subnet and I only have 80, 443, and 110 pointing to the external IP of my Exchange server.  I had the same problem with my user's phones not syncing and this fixed it.

Source:  WLAN Subnet, Destination:  External Exchange IP, Services:  80, 443, 110
How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!


Expert Comment

ID: 38860962
Activesync works over 443, which is the same as SSL - forgot to mention that.

Author Comment

ID: 38860999
That did not work I have 443, 80, 110, and 25.  When I go to connect it says checing incoming settings and fails.

Author Comment

ID: 39088736
The answer was I had to disable wireless aggregation for the iphones.  I got everything working for the regular phones and devices.

Expert Comment

ID: 39261550

Can you give more infomation on your setup.

I have VAP

X2:V20 WLAN access to internal network X0 lan subnet and internet working ok for LAPTOP
X2:V30 WLAN-Public for visitors and iPhone. Internet working but iphones can't get email on exchange or OWA.

WLAN-Public to LAN is DENY and can't access our internal DNS server. This way it need to ask internet provider DNS for IP and get tell is out external WAN IP address like I cant get access to OWA or email working.

What I need to add to make iphones from WLAN-Public yo our internal exchange server?

Thank you,

iphones have been tested on X2:V20 and email are working.

Expert Comment

ID: 39293871
Hi, I talk with Sonicwall support and resolve the situation.

Hardware on WLAN-Puclic that have only internet access will point external DNS to get names resolved and get for internal server the WAN IP address of theses server... that is point back to the WAN interface.

To make this working you need to add rule to WLAN-Public to LAN with the services you wan like HTTPS pointing the WAN IP (public IP) you have the service on.

 WLAN-Public to LAN with Public IP

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Expanding Subnet Mask 20 283
Cisco ASA LDAP Authentication for VPN and Management 8 53
Use of vpn-filter value  in S2S VPN 2 62
Check Spoof email 6 71
In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question