Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1023
  • Last Modified:

Active Sync Connections with TMG and Exchange 2013

We just configured our TMG 2010 servers (with Basic authentication) to connect with our new Exchange 2013 server and are finding some devices just cannot connect and others are sporadically having some connections problems but then they can connect.
We have done the following:
- Had users remove and re-add their Active Sync account on their device
- Removed the mobile device partnership on the user's exchange account
- Had them try to connect through the MS Remote connectivity Analyzer (successful)

Has anyone seen this issue?
Any suggestions to correct (would like to avoid setting no authentication required on TMG) if possible?

Thank you
0
swfwmd2
Asked:
swfwmd2
  • 2
  • 2
1 Solution
 
bbaoIT ConsultantCommented:
logs! as you have already got a workable TMG sever in place, let its logs tell us what was happening underneath while the issue occured.
0
 
BembiCEOCommented:
Lets say, if it works sometimes, and sometimes not, I would not assume it is a basic configuration item but rather to be possibly a performance issue somewhere.

If MS remote connectivity analyser work fine with full options (including autodiscover), then the clients should be able to connect and to sync. As I assume the TMG is "old" and the exchange is new, the topic is to change all settings in that wa, that the devices can connect like before with the same TMG, but old exchnage, right?.

Mostly affected by suh a move are:
- Autodiscover settings
- DNS settings for CAS, CAS Array (doesn't exist anymore for EX2013), possibly load balancer if more than one CAS role.
- Certificates. If you used public certs before, you can continue to use them. But there is also a cert between TMG and Exchange, so you have to add the cert to the new exchange (what should be the case, otherwise it would nt work.

- On the new exchange, all settings for internela / externaml access addresses  (OWA, Outlook Anywhere, Active Sync etc.) shoul dbe the same than before.
- Check in TMG if the link translation for the exchange folders are alredy correct. Older legry folders there for older exchange versions? This possibly can affect older Active Sync clients.

Just some points to think about.
0
 
swfwmd2Author Commented:
No sure what you mean by the link translation in TMG. We have clicked on the Test button on the proxy rule and all is green.
The Exchange settings are good and the Certificates are confirmed.
We are using the latest version of TMG (2010) that is availble.

I will try to isolate the logs to one or two users that I can monitor when the connections are rejected and when they pass.

But if the settings work fine for the vast majority of staff I am concerned about changing them. Hopefully the logs show some issues.

thank you,
0
 
BembiCEOCommented:
What kind of devices you are talking about? Android, Apple, Microsoft?

Are teh devices up to date?
Is Exchange 2013 up to date? RU3 or later?
0
 
swfwmd2Author Commented:
Viewing the conneciton logs on the TMG gave us the information we needed to correct the connection issue.
Thank you,
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now