Active Sync issues
I have an Exchange 2003 server that I have had up and running for 2 years now. We purchased IPhones and got them syncing using ActiveSync just fine with no problems.
This last week I moved my server to a co-location site. My OWA works. My RPC over HTTPS works. My SSL certificate is coming up perfect. MyBlackberry server which is still in the main officeis working just fine. But my Active Sync justisn't working. I've opened up every port I had opened on my old firewall plus some (i've added 993 and 995).
From the co-location center to our office we have a metro ethernet line, and I have a domain controller with DNS in both locations.
The only difference between the 2 is thatthe office hasa SonicWall 2050 firewall and theco-location is a Cisco router.
I'm not sure if ActiveSync has some settings I need to update with the new IP addresses or if Exchange is my problem, or if there is something else with the firewall. Any help would be appreciated.
ThanksDennis
September 14th, 2008 5:09pm
Hi,
It might help if you posted the error code you see on the iPhone.
Can you tell from the iis logs if the phones areconnecting to the exchange server?
Leif
Free Windows Admin Tool Kit Click here and download it now
September 14th, 2008 6:26pm
I wish I had an error code to post. That was part of my problem, but I didfigured it out.I'm sure I won't be the only one to get this, so here is what happened.
Even though my SSL certificate seems to be working it had an issue on the IIS side. I used article 817379 and was going through it when I found that I had not changed my 'granted' ip address to the new address.
In IIS Administrator i selected my exchange-oma webpage and went to properties. then
On the Directory Security tab under IP address and Domain namerestrictions, click Edit.
Click the options for Denied access, click Add, click Single Computer and type the new IP address where I moved the server too, then removed the old IP address. Click OK.
Immediately after restarting IIS everything started to work.
Hope this helps someone else.
Dennis
September 15th, 2008 2:53pm
Thanks to Dennis, the post would be very helpful for someone else in the same scenario.
I would like to say that, after moving Exchange servers location and changed the server IP address with a new one, please dont forget to update it in denied IP address on the exchange-OMA virtual directory which created for Exchange ActiveSync and Outlook Mobile Access. For the reason ofcreating the exchange-OMA virtual directory, I recommend reading the below article if someone in the same process.
Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003
<><><><><><><><><><><><><><><><><><><><><><><><><><><><>
Why creating the second virtual directory named exchange-oma?
Please refer to the cause described:
Exchange Server ActiveSync and Exchange Outlook Mobile Access (OMA) use the /Exchange virtual directory to access OWA templates and DAV on Exchange back-end servers on which the user's mailbox is located. Server ActiveSync and OMA cannot access this virtual directory if either of the following conditions is true:
The /Exchange virtual directory on an Exchange back-end server is configured to require SSL.
Forms-based authentication is enabled.
This issue does not occur when you enable these settings on the /Exchange virtual directory on a front-end server.
<><><><><><><><><><><><><><><><><><><><><><><><><><><>
If someone is still unclear about it, please just follow up this thread.
Cheers,
-Jason
Free Windows Admin Tool Kit Click here and download it now
September 18th, 2008 10:34am