Solved

Trying to setup Active sync on Exchange 2013 to coexist with 2007

Posted on 2013-12-27
2
382 Views
Last Modified: 2014-01-10
In order to leave our current Exchange 2007 setup intact we have create a new namespace
email.XXXXX.com  All VD for owa and active sync are pointing to it in new 2013 setup

Email.XXXXXX.com resolves to a public number that hits our Firewall and the Firewall passes traffic to internal internal network.  I have verified with Firewall tech support via packet capture that the 443 traffic hits the firewall on the public side and it passes it off to private side.

Running Wireshark on both production NIC and NLB NIC on one of the cas servers the traffic never gets there.  I cannot explain what is going on.  Microsoft support is blaming firewall but I now have packet caps that prove the traffic is being sent from firewall to private side it just never gets there according to wireshark.  The new name space is ping-able by name and number internally.  I am kind of at my wits end here as to is happening..........PLEASE HELP!
0
Comment
Question by:jgutierr76
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 3

Expert Comment

by:jrlingam
ID: 39743429
In order to confirm that firewall is not causing the issue, the best option is to remove the firewall and point the public network to directly hit the CAS servers. This will work in most cases.

Microsoft support will not accept to provide any further support until you by pass the firewall and directly route the traffic to CAS servers and still face the issue.

Also provide your wireshark traces to the firewall / network teams and ask them to check if any blocking is happening. They will be able to better analyse the network traces.
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 39753353
few thing to query:

Is the new namespace 'Email.XXXXXX.com' resolving to a new public IP address, leaving the original namespace to resolve to it's original (but different) public IP?

on one of the cas servers
When you mention the traffic doesn't reach ONE of the servers, do you mean it reaches the other OK, or just that you have only tested one server?

and it passes it off to private side.
As you have successfully seen the incoming packets on the inside of the firewall, have a look at the packets in wireshark and check the IP they are being forwarded to. If this IP is wrong it wont reach the servers.
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many software programs on offer that will claim to magically speed up your computer. The best advice I can give you is to avoid them like the plague, because they will often cause far more problems than they solve. Try some of these "do it…
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
This video discusses moving either the default database or any database to a new volume.

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question