• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Exchange and RoadSync

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> Exchange and RoadSync Page: [1]
Login
Message << Older Topic   Newer Topic >>
Exchange and RoadSync - 13.Oct.2006 11:27:02 AM   
AndyJG247

 

Posts: 10
Joined: 13.Oct.2006
Status: offline
Hi,

Thanks to the articles etc I have read here I have got my ISA 2006 server publishing with FBA and currently Web Access, Active Sync and OMA are all working as expected.  We have a few new devices that are using RoadSync but these don't seem to work.  Im told they only use over the air sync rather than a client (a la active sync).  The ISA logs show anonymous connections like this:

12239 The server requires authorizarion to fulfill the request.  Access to the Web server is denied.  Contact the server administrator.  Anonymous.  http://server.domain.com/Microsoft-Server-ActiveSync?User=JohnDoe&DeviceID=9282928292829282&DeviceType=RoadSyncClient

The normal ActiveSync ones do work.  I would rather not open https completely to test the device without ISA.
Does anyone know what I may be doing wrong?

Further Info:
There is currently no other firewall apart from ISA.
The Cert is home grown and I have copied the root and mail certs to the devices (same as the active sync ones).
Let me know if i've missed anything.

thanks
Andy
Post #: 1
RE: Exchange and RoadSync - 13.Oct.2006 11:41:06 AM   
alans

 

Posts: 67
Joined: 8.Mar.2006
Status: offline
Hi,

We are using Roadsync with no problem using the current ISA 2006 publishing rule for OWA, OMA, Active-sync.

Are you doing HTTPS publishing?

Alan

(in reply to AndyJG247)
Post #: 2
RE: Exchange and RoadSync - 13.Oct.2006 12:38:53 PM   
AndyJG247

 

Posts: 10
Joined: 13.Oct.2006
Status: offline
Hi,

Thanks for the reply.  Yes its HTTPS.  We have a Ent CA so I created a cert for the mailserver and then imported the root and mail certs onto the device.  It all works for the Active Sync phones.  I have tried 3 different types of RoadSync based phone but the only logs I get are the errors from ISA.  When the AS ones work they show the username rather than anonymous.
I was guessing it was something to do with ISA and its FBA but if thats not the case then im stumped.
Did you have to do anything noticeably different for the RoadSync ones?

thanks again
Andy

(in reply to alans)
Post #: 3
RE: Exchange and RoadSync - 15.Oct.2006 11:12:06 AM   
alans

 

Posts: 67
Joined: 8.Mar.2006
Status: offline
Hi,

Nope nothing.

Works.

Alans

(in reply to AndyJG247)
Post #: 4
RE: Exchange and RoadSync - 16.Oct.2006 3:49:03 AM   
hla123

 

Posts: 13
Joined: 20.Sep.2006
Status: offline
Hi, we are having the same problem with a RoadSync client. The Windows Smartphone devices works fine. We have bought the cert and running FBA.
Have you got any new info?

_____________________________

Henrik Larsson
Xitrus barnkläder och babykläder, coola, tuffa och trendiga

(in reply to alans)
Post #: 5
RE: Exchange and RoadSync - 19.Oct.2006 7:56:34 AM   
hla123

 

Posts: 13
Joined: 20.Sep.2006
Status: offline
I´ve got it to work! (But without FBA ).
I had the same problem as you and when we changed it from FBA to ordinary HTTPS, it worked. Unfortunaly we want to run FBA so this is not the solution though. Have you got any new feedback?

Regards,
Henrik


_____________________________

Henrik Larsson
Xitrus barnkläder och babykläder, coola, tuffa och trendiga

(in reply to hla123)
Post #: 6
RE: Exchange and RoadSync - 3.Nov.2006 10:01:14 AM   
AndyJG247

 

Posts: 10
Joined: 13.Oct.2006
Status: offline
Hi,
I haven;t got any further im afraid.  Still looking.  Losing FBA isn't an option for me either.

Let me know if you get anywhere tho.
cheers

(in reply to hla123)
Post #: 7
RE: Exchange and RoadSync - 8.Dec.2006 6:40:20 AM   
hla123

 

Posts: 13
Joined: 20.Sep.2006
Status: offline
Hi, everybody. I have got it to work finally!!!!
Try to disable "Require users to authenticate" in the listener for the EAS rule on the ISA server. Then add "Anonymous" users to the Microsoft-Server-ActiveSync virtual directory in IIS on the mailserver(s).
I dont know if this is a security issue or not but the EAS with FBA, for Erisccon phones works!





_____________________________

Henrik Larsson
Xitrus barnkläder och babykläder, coola, tuffa och trendiga

(in reply to AndyJG247)
Post #: 8
RE: Exchange and RoadSync - 8.Dec.2006 6:11:44 PM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Allowing anonymous connections to the mailservers is exactly what FBA on ISA is designed to prevent.

FBA proves valuable pre-authentication to ensure ONLY authenticated users can actually pass data to the exchange servers.

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to hla123)
Post #: 9
RE: Exchange and RoadSync - 9.Dec.2006 4:07:10 AM   
hla123

 

Posts: 13
Joined: 20.Sep.2006
Status: offline
Hi, what is your suggestion to do?



_____________________________

Henrik Larsson
Xitrus barnkläder och babykläder, coola, tuffa och trendiga

(in reply to Jason Jones)
Post #: 10
RE: Exchange and RoadSync - 10.Dec.2006 5:31:41 PM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
If you want to use RoadSync and also need FBA then I don't really see any option apart from maybe creating new listeners/rules specifically for RoadSync and accepting the fact that anonymous connections are permitted for this service only.

I appreciate it is not an ideal solution, but just wanted to point out what is lost without FBA.

It is a very similar situation with Entourage trying to access Exchange via ISA: http://support.microsoft.com/kb/909268/en-us

JJ

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to hla123)
Post #: 11
RE: Exchange and RoadSync - 11.Dec.2006 3:06:21 AM   
AndyJG247

 

Posts: 10
Joined: 13.Oct.2006
Status: offline
Im not entirely sure how to setup a specific rule just for Roadsync (as I already have the activesync style ones working).  I don't suppose you have any links or help you could give on doing it?

thanks

(in reply to Jason Jones)
Post #: 12
RE: Exchange and RoadSync - 21.Dec.2006 5:48:27 AM   
AndyJG247

 

Posts: 10
Joined: 13.Oct.2006
Status: offline
Ok. Has anyone that has this working got anonymous turned off or is it the case that we have to go the less secure route?

thanks

(in reply to AndyJG247)
Post #: 13
RE: Exchange and RoadSync - 27.Jun.2007 1:58:21 AM   
Mylle

 

Posts: 39
Joined: 28.Apr.2004
From: Denmark
Status: offline
Hello,

I have now run into the exact same issue. Has anybody come up with a fix for this yet? will there be a fix?

Thank you

Jacob

(in reply to AndyJG247)
Post #: 14
RE: Exchange and RoadSync - 15.Aug.2007 6:53:30 AM   
bdickgiesser

 

Posts: 1
Joined: 15.Aug.2007
Status: offline
Hi,

I also run in the same problem. Is there still no solution/hotfix for this?

Thanks
Ben

(in reply to Mylle)
Post #: 15
RE: Exchange and RoadSync - 15.Aug.2007 5:22:10 PM   
hla123

 

Posts: 13
Joined: 20.Sep.2006
Status: offline
Hi, I recently spoke the Ericsson support and they are aware of the problem but doesnt have a solution. Its more of a RoadSync issue because SE OEM the product from Dataviz. I have spoken to Dataviz directly but they refer to SE. (Moment 22.)

_____________________________

Henrik Larsson
Xitrus barnkläder och babykläder, coola, tuffa och trendiga

(in reply to bdickgiesser)
Post #: 16

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> Exchange and RoadSync Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts