Solved

Exchange 2007 to 2010 Migration-Activesync

Posted on 2014-02-21
3
756 Views
Last Modified: 2014-02-24
Hello:

I am in the process of migrating from SBS 2008 to Windows Server 2008 R2 and Exchange 2010. So far, the migration has gone well, but I am running into a bit of a snag as far as Outlook Anywhere, Outlook Autodiscover, Exchange ActiveSync and Exchange ActiveSync Autodiscover are concerned. We have installed a UCC SAN certificate from Go Daddy on both servers (EXCHANGE2007 and EXCHANGE2010) with the following names: autodiscover.domain.com, legacy.domain.com, mail.domain.com, EXCHANGE2007.domain.com, EXCHANGE2010.domain.com, domain.com. The certificate is working just fine from outside the network (i.e., no errors). I have added the "autodiscover" name to the DNS that is hosted by our ISP and have added A records to our internal DNS for both "legacy" (points to EXCHANGE2007) and "autodiscover" (points to EXCHANGE2010) and changed the internal DNS record for  "mail" to point to EXCHANGE2010. From inside the network, everything seems to work as expected. To test, I created two test users (TEST1 and TEST2) and moved the mailbox of TEST2 to the EXCHANGE2010 server (after populating both mailboxes with test emails). Internally, the user (TEST1) whose mailbox resides on EXCHANGE2007 is being redirected to that server when they log in using OWA 2007 and the user whose mailbox is on EXCHANGE2010 (TEST2) is going to OWA 2010.

To test externally, I have opened ports 443 and 80 on our Sonicwall firewall and pointed it to the internal IP of the EXCHANGE2010 server. Everything seems to work well as far as OWA is concerned. By that I mean it mirrors what I see internally. However, all users who use an IPhone to connect remotely lose their connection to the server. When I use Microsoft's Remote Connectivity Analyzer to check Exchange ActiveSync, it results in an error of "Testing of OPTIONS command failed with a 403 forbidden response, Forbidden: Access is denied, You do not have permission to view this directory or page using the credentials that you supplied".

Since we have several users who connect with their IPhone from outside, I panicked and disabled the firewall rule that opened ports 443 and 80 to the EXCHANGE2010 server. I don't know if this matters or not, but the original firewall rules pointing ports 443 and 80 to EXCHANGE2007 were still active when I created the firewall rules to EXCHANGE2010 and I am not sure if I should have disabled these first.

I am sorry for such a longwinded post, but I feel I am very close to getting this to work and I need help!

Thank you very much and please let me know if additional information is needed.
0
Comment
Question by:ctsuhako
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 8

Accepted Solution

by:
Jeff Perry earned 500 total points
ID: 39878001
0
 

Author Comment

by:ctsuhako
ID: 39883599
Thank you. The solution seemed to be to leave the External URL on the Exchange 2007 CAS empy.
0
 
LVL 8

Expert Comment

by:Jeff Perry
ID: 39883746
You are welcome, glad you got it working.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question