Solved

Exchange 2010 and 2003 ActiveSync and RPC over HTTP Coexistence

Posted on 2013-05-23
7
1,018 Views
Last Modified: 2013-07-08
Hello,
     I am almost done with my Exchange migration, but I have run into a snag. First, let me give a background on the current setup. We have an Exchange 2003 server and an Exchange 2010 server in coexistence, and email filtering from MXLogic. I can access both servers without issue from inside the network. However, since we only have one static IP, the mailboxes on the Exchange 2010 server cannot be accessed from the outside, that is, with ActveSync, OWA, or RPC over HTTP. I guess this is likely because the router/firewall is configured to pass exchange traffic to the 2003 server. What I'd like to be able to do is use both servers from the outside if possible. Is there a way to make the traffic flow to the exchange 2010 server from MXLogic, and then make the Exchange 2003 server a kind of backend server? Although, the mailboxes on 2003 should still be accessible via ActiveSync and RPC over HTTP. Thanks!
0
Comment
Question by:indigo6
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 12

Accepted Solution

by:
Julian123 earned 500 total points
ID: 39192841
Yes, you can do this. When I set up Exchange with 2003, I configure the firewall to direct all incoming SMTP (port 25) and ActiveSync/RPCHTTP (443) to Exchange 2010. Exchange 2010 will pass any incoming SMTP email to Exchange 2003 as needed. For ActiveSync and RPC/HTTP, it will also proxy those connections to Exchange 2003.

Please note that this will not work for Outlook Web App, as making network requires having a separate, publicly accessible, URL and IP for Exchnage 2003.
0
 
LVL 12

Expert Comment

by:Julian123
ID: 39192846
As some additional background, here is an article describing how proxying works: http://www.exchangebytes.com/?p=598

And one other from Microsoft: http://blogs.technet.com/b/exchange/archive/2009/12/08/3408985.aspx
0
 

Author Comment

by:indigo6
ID: 39192980
Ok, nobody uses OWA on 2003 anyway, so that's good. So no configuration necessary on the exchange servers? All I need to do is configure the firewall?

I noticed that when I created a test account on the 2003 server and tried to connect to it via the 2010 server it failed to verify. (Testing from iOS)
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 12

Expert Comment

by:Julian123
ID: 39193024
There is a step you need to take on Exchange 2010, specifically setting the appropriate authentication mechanism on Exchange 2003.

Please take a look at this page: http://technet.microsoft.com/en-us/library/ee332348(v=exchg.141).aspx. Under the heading "installing exchange 2010, take a look at step seven.

In general, though, I do recommend looking through the whole page just to see if you've done all the steps it recommends.
0
 

Author Comment

by:indigo6
ID: 39197200
Ok, I did all the steps. Thanks! Is there a way I can test the proxying before going live on the router?
0
 

Author Comment

by:indigo6
ID: 39297936
I had to do one more step, specifically disabling the SSL requirement on the Microsoft-Server-ActiveSync vdir on the Exchange 2003 server, and it worked.

I'm setting the router to use the Exchange 2010 server this weekend. Is there any way to test first? Thanks!
0
 

Author Closing Comment

by:indigo6
ID: 39307931
In this case, since we had a single server combination front end / back end Exchange 2003 server, it took several things to get Exchange 2010 to proxy Exchange 2003:

1. Enable Windows Integrated Authentication on the Exchange Active Sync Virtual directory on the Exchange 2003 server using the Exchange System Manager. (Install this hotfix if necessary: http://support.microsoft.com/?kbid=937031)
2. Disable Forms based authentication on the Default Web Site on the Exchange 2003 server. I did not have to reset the Directories though. A simple restart, or restart of the IIS services did it.
3. Disable the SSL requirement on the Exchange, and Exchange Active Sync virtual directories. (Since the Exchange 2003 server no longer faces the Internet) Again, restart the services, or reboot the server.

This was mainly for ActiveSync, but RPC over HTTP (Outlook anywhere) worked fine as well.

Thanks!
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video discusses moving either the default database or any database to a new volume.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question