Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2007 to 2010 Migration-Activesync

Posted on 2014-02-21
3
Medium Priority
?
765 Views
Last Modified: 2014-02-24
Hello:

I am in the process of migrating from SBS 2008 to Windows Server 2008 R2 and Exchange 2010. So far, the migration has gone well, but I am running into a bit of a snag as far as Outlook Anywhere, Outlook Autodiscover, Exchange ActiveSync and Exchange ActiveSync Autodiscover are concerned. We have installed a UCC SAN certificate from Go Daddy on both servers (EXCHANGE2007 and EXCHANGE2010) with the following names: autodiscover.domain.com, legacy.domain.com, mail.domain.com, EXCHANGE2007.domain.com, EXCHANGE2010.domain.com, domain.com. The certificate is working just fine from outside the network (i.e., no errors). I have added the "autodiscover" name to the DNS that is hosted by our ISP and have added A records to our internal DNS for both "legacy" (points to EXCHANGE2007) and "autodiscover" (points to EXCHANGE2010) and changed the internal DNS record for  "mail" to point to EXCHANGE2010. From inside the network, everything seems to work as expected. To test, I created two test users (TEST1 and TEST2) and moved the mailbox of TEST2 to the EXCHANGE2010 server (after populating both mailboxes with test emails). Internally, the user (TEST1) whose mailbox resides on EXCHANGE2007 is being redirected to that server when they log in using OWA 2007 and the user whose mailbox is on EXCHANGE2010 (TEST2) is going to OWA 2010.

To test externally, I have opened ports 443 and 80 on our Sonicwall firewall and pointed it to the internal IP of the EXCHANGE2010 server. Everything seems to work well as far as OWA is concerned. By that I mean it mirrors what I see internally. However, all users who use an IPhone to connect remotely lose their connection to the server. When I use Microsoft's Remote Connectivity Analyzer to check Exchange ActiveSync, it results in an error of "Testing of OPTIONS command failed with a 403 forbidden response, Forbidden: Access is denied, You do not have permission to view this directory or page using the credentials that you supplied".

Since we have several users who connect with their IPhone from outside, I panicked and disabled the firewall rule that opened ports 443 and 80 to the EXCHANGE2010 server. I don't know if this matters or not, but the original firewall rules pointing ports 443 and 80 to EXCHANGE2007 were still active when I created the firewall rules to EXCHANGE2010 and I am not sure if I should have disabled these first.

I am sorry for such a longwinded post, but I feel I am very close to getting this to work and I need help!

Thank you very much and please let me know if additional information is needed.
0
Comment
Question by:ctsuhako
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 8

Accepted Solution

by:
Jeff Perry earned 2000 total points
ID: 39878001
0
 

Author Comment

by:ctsuhako
ID: 39883599
Thank you. The solution seemed to be to leave the External URL on the Exchange 2007 CAS empy.
0
 
LVL 8

Expert Comment

by:Jeff Perry
ID: 39883746
You are welcome, glad you got it working.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question