Solved

Trying to setup Active sync on Exchange 2013 to coexist with 2007

Posted on 2013-12-27
2
373 Views
Last Modified: 2014-01-10
In order to leave our current Exchange 2007 setup intact we have create a new namespace
email.XXXXX.com  All VD for owa and active sync are pointing to it in new 2013 setup

Email.XXXXXX.com resolves to a public number that hits our Firewall and the Firewall passes traffic to internal internal network.  I have verified with Firewall tech support via packet capture that the 443 traffic hits the firewall on the public side and it passes it off to private side.

Running Wireshark on both production NIC and NLB NIC on one of the cas servers the traffic never gets there.  I cannot explain what is going on.  Microsoft support is blaming firewall but I now have packet caps that prove the traffic is being sent from firewall to private side it just never gets there according to wireshark.  The new name space is ping-able by name and number internally.  I am kind of at my wits end here as to is happening..........PLEASE HELP!
0
Comment
Question by:jgutierr76
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 3

Expert Comment

by:jrlingam
ID: 39743429
In order to confirm that firewall is not causing the issue, the best option is to remove the firewall and point the public network to directly hit the CAS servers. This will work in most cases.

Microsoft support will not accept to provide any further support until you by pass the firewall and directly route the traffic to CAS servers and still face the issue.

Also provide your wireshark traces to the firewall / network teams and ask them to check if any blocking is happening. They will be able to better analyse the network traces.
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 39753353
few thing to query:

Is the new namespace 'Email.XXXXXX.com' resolving to a new public IP address, leaving the original namespace to resolve to it's original (but different) public IP?

on one of the cas servers
When you mention the traffic doesn't reach ONE of the servers, do you mean it reaches the other OK, or just that you have only tested one server?

and it passes it off to private side.
As you have successfully seen the incoming packets on the inside of the firewall, have a look at the packets in wireshark and check the IP they are being forwarded to. If this IP is wrong it wont reach the servers.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question