Windows Server - ISA 2006 in DMZ for Activesync/OWA only Exchange 2003

Asked By GA

03-Aug-07 09:54 AM

Hi ISA experts!  I am an ISA newbie building my first ISA server for Smart
Phone access to email for our sales reps.

Exchange OWA works internally.  I am the Exchange Admin and am fairly
confident that Exchange is setup correctly although the FE/BE topology is
new to me as well.

My network guy wants ISA to live in the DMZ like this:

Public IP >> Edge switch (translates to private ip)>> ISA 2006 >> DMZ Switch
(translates another private ip to internal ip for FE server) >> internal
network (AD, Exchange FE/BE servers).  I'm not sure if this is even
feasible.

I have done the certificate on FE and exported it then imported it on ISA,
published the rule using the wizard, single network config on ISA.  The only
port we have open between DMZ and internal network is 443.

When I try to connect using a smart phone, I can get a username/password
prompt, but it fails to authenticate to ISA.  What am I missing?   I have
read on some websites that the smart phone needs the certificate installed
manually, but I don't buy that.  It defeats the purpose of being able to
deploy a remote solution.  Besides, I tried that and it still doesn't work.

ISA Configuration Discussions

Activesync
(1)

Topology
(1)

LDAPS
(1)

GA replied...

13-Sep-07 03:15 PM

Figured it out myself.  Had to create another rule to allow LDAPS port 636
Inbound.  For some reason the default protocol rule is for Outbound so that
would not work in my DMZ scenario.

When I enabled a rule for inbound to each of my DCs, pre-authentication
worked like a charm.  Now I just need to add users to an AD group to allow
access.

Previous Discussion: POP3

DNS died after NTBACKUP Windows Server

lk:30946 LISTENING TCP fserver:http-rpc-epmap fserver.aglk.lk:53401 LISTENING TCP fserver:ldaps fserver.aglk.lk:47195 LISTENING TCP fserver:1027 fserver.aglk.lk:47219 LISTENING TCP fserver:activesync fserver.aglk.lk:6231 LISTENING TCP fserver:1038 fserver.aglk.lk:26758 LISTENING TCP fserver Latency Check * Replication Site Latency Check . . . . . . . . . . . . . . . . . . . . . . . . . FSERVER passed test Replications Test omitted by user request: Topology Test omitted by user request: CutoffServers Starting test: NCSecDesc * Security Permissions check for all NC Latency Check * Replication Site Latency Check . . . . . . . . . . . . . . . . . . . . . . . . . FSERVER passed test Replications Test omitted by user request: Topology Test omitted by user request: CutoffServers Starting test: NCSecDesc * Security Permissions check for all NC

OMA Activesync issues Windows Server

OMA Activesync issues Windows Server We are having trouble getting Activesync to function properly. We are trying to AirSync to a Treo 750W. There are NO issues with the Treo. It can ActiveSync just fine to another office of ours. Setup: Single SBS03 Server with Exchange 03 SP2 oma works correctly on internal / external browsers and Treo IE browser http: / / servername / Microsoft-Server-Activesync requests password over and over. We believe this is the problem. The Treo requests the users password over and over again (same behavior as Microsoft-Server-Activesync connection) Followed Method 2 in KB817379 - No help KB215383 - No help This issue is directly not Exchange 2003 and or Treo 750. We had to call MS Support to get Activesync to "kind of" work properly at another office and the issue was IIS 6. We are aware of a IIS script that can repair Activesync / OMA issues in IIS and is available by request from MS Support. We have not Server 2003 (1) Outlook (1) IIS (1) IISReset (1) MimeOLE (1) MBExplorer (1) Report (1) Activesync (1) Hello Ted, Thanks for posting in our newsgroup. From your description, I know that

Activesync & network issues Windows Server

Activesync & network issues Windows Server I know that this should be posted on the activesync forum Setup SBS 2003 R2 Premium Cliente XP Activesync 4.5 for samsung phone Dell Laser MFP 1600n on the network with software to the scanner stops working Application software: when the phone is plugged the software stops working. Activesync works perfectly from the phone point of view. work around: Unplug the phone Has anybody problem? TIA Miguel Windows Server SBS Discussions Windows Small Business Server 2008 (1) XP (1) Activesync (1) Cliente (1) Meng (1) Understandings (1) Conflicts (1) Incidents (1) Not seen anything similar R2 domain. When your Samsung phone is plugged into the server, the "software" stops working. Activesync works from the phone and issue will disappear when unplugging the Samsung phone. If I the symptom, it seems that the DELL All-In-One printer has some confliction with ActiveSync. Except for IP conflict as Miguel mentioned, please also check whether there are any port conflicts between your printer / scanner and the mobile device. By default, ActiveSync uses port 990 to send its data into the computer. If it does not work

Topology Discovery did not fully discover topology Windows Server

Topology Discovery did not fully discover topology Windows Server I am getting this on one of my MOM servers: Failed to get the flat names for the computer 'XXXXXXXXXXXXXXXX'. This will cause an incomplete topology to be displayed. The error returned was: The error returned was: 'The remote server machine any ideas what is causing this? The Domain Controller in question does exist. MOM Discussions Topology (1) Hi Matt, Please take a look at http: / / support.microsoft.com / kb / 901051 / en www.contoso.se M> Failed to get the flat names for the computer M> keywords: Topology, Discovery, did, not, fully, discover, topology description: I am getting this on one of my MOM servers: Failed to get the flat names for the computer 'XXXXXXXXXXXXXXXX'. This will cause an incomplete topology to b