iPhones and Exchange, what am I missing?

Solution 1:

Be sure to have port 443 for HTTPS open for the iPhone.

Solution 2:

When we got ActiveSync going in Exchange 2007 several years ago we ran into an issue with certificate validation. Historically we'd used SSL certificates for OWA based on our own internal CA; if you work for us, you should use our CA, QED. However, mobile devices proved hard to convince to accept new CA certificates, so we ended up having to purchase certificates from an Authority just to ease things for our users.

As I recall, iPhone (this was several years ago, things may have changed) was one device that did do certificate validation, and required purchased certificates to work.

Solution 3:

http://www.testexchangeconnectivity.com is the Microsoft site to use to check your connections from outside. You want the Exchange ActiveSync test, and be sure to use an account whose password you can change after testing.

On your firewall, you only need port 443 (HTTPS) from outside to the Exchange server.

On the Exchange server, you need a certificate installed, but it doesn't have to be a purchased one; you can self-sign one for free if you have Certificate Services installed on a server in your company, but not all devices will make it easy to use. iPhones just prompt once to approve your certificate on email account setup, which is easy enough.

You do need to configure ActiveSync on the Exchange server, but not a lot of config is needed in 2010. http://www.expta.com/2010/02/how-to-securely-deploy-iphones-with_25.html but ignoring the certificates part might get you there.
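
The checks described in Solutions 1 to 3, run from outside the network, as an added example that is not part of the original answers: it separates a blocked port 443 from a certificate that a validating device would reject. The function names and the hint table are this example's own; pass `cafile` (the path to your internal CA's PEM file) to model a device that has that CA installed.

```python
import socket
import ssl

# Names below are this example's own (assumptions), not an Exchange or Apple API.
# OpenSSL X.509 verify codes relevant to the internal-CA vs purchased-cert case.
VERIFY_HINTS = {
    10: "certificate has expired",
    18: "self-signed certificate: each device must approve or trust it",
    19: "chain ends in a root this client does not trust (internal CA?)",
    20: "issuer not in trust store (internal CA or missing intermediate)",
    62: "certificate does not cover this hostname",
}

def explain_verify_code(code):
    """Translate an OpenSSL verify code into a hint for the admin."""
    return VERIFY_HINTS.get(code, f"verification failed (OpenSSL code {code})")

def check_https_endpoint(host, port=443, timeout=5.0, cafile=None):
    """Return (status, detail). status is 'unreachable', 'untrusted',
    'tls-error' or 'trusted'. cafile=None uses the system trust store."""
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        # Firewall or NAT rule for 443 is missing, or the host is down.
        return ("unreachable", f"TCP {port} not reachable: {exc}")
    try:
        with raw, ctx.wrap_socket(raw, server_hostname=host) as tls:
            issuer = dict(rdn[0] for rdn in tls.getpeercert()["issuer"])
            return ("trusted", f"issued by {issuer.get('commonName', issuer)}")
    except ssl.SSLCertVerificationError as exc:
        # The port is open, but a device that validates would refuse or prompt.
        return ("untrusted", explain_verify_code(exc.verify_code))
    except OSError as exc:
        # Something answered on the port but the TLS handshake did not complete.
        return ("tls-error", str(exc))

if __name__ == "__main__":
    import sys
    if len(sys.argv) < 2:
        sys.exit("usage: check.py <external hostname of the Exchange server>")
    print(check_https_endpoint(sys.argv[1]))
```
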

Solution 4:

Exchange does not simply use IMAPS, which usually runs on port 993. You probably need to open for ActiveSync.

Quoting http://support.microsoft.com/kb/259369:

ActiveSync 4.x requires the following Winsock Transmission Control Protocols (TCP) to be available:

  • 990 (RAPI)
  • 999 (Status)
  • 5721 (DTPT)
  • 5678 (Legacy Replication)
  • 5679 (Handshake & Legacy Replication)
  • 26675 (Airsync)