Solved

Trying to setup Active sync on Exchange 2013 to coexist with 2007

Posted on 2013-12-27
2
388 Views
Last Modified: 2014-01-10
In order to leave our current Exchange 2007 setup intact we have create a new namespace
email.XXXXX.com  All VD for owa and active sync are pointing to it in new 2013 setup

Email.XXXXXX.com resolves to a public number that hits our Firewall and the Firewall passes traffic to internal internal network.  I have verified with Firewall tech support via packet capture that the 443 traffic hits the firewall on the public side and it passes it off to private side.

Running Wireshark on both production NIC and NLB NIC on one of the cas servers the traffic never gets there.  I cannot explain what is going on.  Microsoft support is blaming firewall but I now have packet caps that prove the traffic is being sent from firewall to private side it just never gets there according to wireshark.  The new name space is ping-able by name and number internally.  I am kind of at my wits end here as to is happening..........PLEASE HELP!
0
Comment
Question by:jgutierr76
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 3

Expert Comment

by:jrlingam
ID: 39743429
In order to confirm that firewall is not causing the issue, the best option is to remove the firewall and point the public network to directly hit the CAS servers. This will work in most cases.

Microsoft support will not accept to provide any further support until you by pass the firewall and directly route the traffic to CAS servers and still face the issue.

Also provide your wireshark traces to the firewall / network teams and ask them to check if any blocking is happening. They will be able to better analyse the network traces.
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 39753353
few thing to query:

Is the new namespace 'Email.XXXXXX.com' resolving to a new public IP address, leaving the original namespace to resolve to it's original (but different) public IP?

on one of the cas servers
When you mention the traffic doesn't reach ONE of the servers, do you mean it reaches the other OK, or just that you have only tested one server?

and it passes it off to private side.
As you have successfully seen the incoming packets on the inside of the firewall, have a look at the packets in wireshark and check the IP they are being forwarded to. If this IP is wrong it wont reach the servers.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question