Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Exchange 2010 and 2003 ActiveSync and RPC over HTTP Coexistence

Posted on 2013-05-23
7
Medium Priority
?
1,033 Views
Last Modified: 2013-07-08
Hello,
     I am almost done with my Exchange migration, but I have run into a snag. First, let me give a background on the current setup. We have an Exchange 2003 server and an Exchange 2010 server in coexistence, and email filtering from MXLogic. I can access both servers without issue from inside the network. However, since we only have one static IP, the mailboxes on the Exchange 2010 server cannot be accessed from the outside, that is, with ActveSync, OWA, or RPC over HTTP. I guess this is likely because the router/firewall is configured to pass exchange traffic to the 2003 server. What I'd like to be able to do is use both servers from the outside if possible. Is there a way to make the traffic flow to the exchange 2010 server from MXLogic, and then make the Exchange 2003 server a kind of backend server? Although, the mailboxes on 2003 should still be accessible via ActiveSync and RPC over HTTP. Thanks!
0
Comment
Question by:indigo6
  • 4
  • 3
7 Comments
 
LVL 12

Accepted Solution

by:
Julian123 earned 1500 total points
ID: 39192841
Yes, you can do this. When I set up Exchange with 2003, I configure the firewall to direct all incoming SMTP (port 25) and ActiveSync/RPCHTTP (443) to Exchange 2010. Exchange 2010 will pass any incoming SMTP email to Exchange 2003 as needed. For ActiveSync and RPC/HTTP, it will also proxy those connections to Exchange 2003.

Please note that this will not work for Outlook Web App, as making network requires having a separate, publicly accessible, URL and IP for Exchnage 2003.
0
 
LVL 12

Expert Comment

by:Julian123
ID: 39192846
As some additional background, here is an article describing how proxying works: http://www.exchangebytes.com/?p=598

And one other from Microsoft: http://blogs.technet.com/b/exchange/archive/2009/12/08/3408985.aspx
0
 

Author Comment

by:indigo6
ID: 39192980
Ok, nobody uses OWA on 2003 anyway, so that's good. So no configuration necessary on the exchange servers? All I need to do is configure the firewall?

I noticed that when I created a test account on the 2003 server and tried to connect to it via the 2010 server it failed to verify. (Testing from iOS)
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 12

Expert Comment

by:Julian123
ID: 39193024
There is a step you need to take on Exchange 2010, specifically setting the appropriate authentication mechanism on Exchange 2003.

Please take a look at this page: http://technet.microsoft.com/en-us/library/ee332348(v=exchg.141).aspx. Under the heading "installing exchange 2010, take a look at step seven.

In general, though, I do recommend looking through the whole page just to see if you've done all the steps it recommends.
0
 

Author Comment

by:indigo6
ID: 39197200
Ok, I did all the steps. Thanks! Is there a way I can test the proxying before going live on the router?
0
 

Author Comment

by:indigo6
ID: 39297936
I had to do one more step, specifically disabling the SSL requirement on the Microsoft-Server-ActiveSync vdir on the Exchange 2003 server, and it worked.

I'm setting the router to use the Exchange 2010 server this weekend. Is there any way to test first? Thanks!
0
 

Author Closing Comment

by:indigo6
ID: 39307931
In this case, since we had a single server combination front end / back end Exchange 2003 server, it took several things to get Exchange 2010 to proxy Exchange 2003:

1. Enable Windows Integrated Authentication on the Exchange Active Sync Virtual directory on the Exchange 2003 server using the Exchange System Manager. (Install this hotfix if necessary: http://support.microsoft.com/?kbid=937031)
2. Disable Forms based authentication on the Default Web Site on the Exchange 2003 server. I did not have to reset the Directories though. A simple restart, or restart of the IIS services did it.
3. Disable the SSL requirement on the Exchange, and Exchange Active Sync virtual directories. (Since the Exchange 2003 server no longer faces the Internet) Again, restart the services, or reboot the server.

This was mainly for ActiveSync, but RPC over HTTP (Outlook anywhere) worked fine as well.

Thanks!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question