thank you for your quick reply. I have looked for 3.9 but it is not available. 3.7 was there at the MS download site but that is really rather old, isnīt it? And I have no good feeling about that old stuff. Everywhere you get told to use the newest release. And I use E2K3 SP2 which is quite new, my MDA does also have the newest release of WM5. I do not think that this makes sense. Do you really have no other idea? Perhaps if I offer you a view into the logging of my ISA 2004? There it seems to go wrong because of I think that there should be no entries that say "denied" SSL and as source the inner address of the ISA. What about that?
The version of ActiveSync used in the docking cradle has nothing to do with the ISA firewall device. In fact, I never put my phones in the cradle except to install software -- they update over the Internet link.
Ok, if you tell me that this is perhaps even the way as how it is meant from the developers then I should be satisfied. But I had one other solution before where I had configured the sync to go via VPN and there I got no errors. I am one these guys who can not accept error messages where there should be no.
"> An "Internal to Internal" rule fixed this problem. Does an "Internal to > Internal" rule indicate that something is configured wrong on my ISA 2004 box?
But what I would really like to ask is what does your "internal - internal" rule excactly allow. And why do you close your short answer with another question? To me you do not seem very sure about what you did. So why should I follow? Do you hope someone else will say something helpful about this? So do I."
When the device is in the cradle, it's not using the "over the Internet" ActiveSync settings, so the "internal to internal" stuff is BS. However, there would be an issue with a device that was using a WiFi connection on the same network on which the Exchange Server is located, since you would need to configure, on the device (not the ISA firewall) that the internal domain use Direct Access instead of the proxy.
There is a known problem with versions after 3.7 with the Firewall client. However, if you disable the ActiveSync app from using the Firewall client with:
Tom, unfortunately if you go back to versions prior to 4.0 you lose a large feature set for Windows Mobile 5.0 devices. In addition I need to cradle my device so that my Tasks folder can be updated on my device. The wireless sync does not sync tasks, only Emails, Contacts, and Calendar items. I am also in the middle of a large 40 story building and have absolutely no signal/reception during the day. In order to keep my device up to date during the day the USB port connection comes in handy. That way I don't have a ton of updates to be done when I finally get a good signal again.
I struggled with this for a couple of months and I stumbled across a post somewhere about creating an Internal to Internal rule (I can't seem to find that link now). For whatever reason, after creating and activating that rule all of my Winmobi 5.0 devices and AS 4.2 now can sync while wired to the USB port and of of course the wireless AS/Exchange still continues to work. If I disable the rule the devices revert back to the 85010016 errors. This rule seems to have solved my problem for whatever reason good or bad.
My question is why an "internal to Internal" rule would allow my Win MObi devices to work? Did my vendor configured something wrong on my ISA 2004 box? In theory I should not need to configure any type of rule on the ISA 2004 box for inside the firewall host to host communication correct?