1

I need to connect our Exchange 2010 to have the ability to sync with iPhones or any supported mobile device.

Currently port 25 is open, do I need to forward port 443 to the Exchange server?

Also, do I need to have an SSL certificate and if yes, where do I install it?

Ben Pilbrow
  • 12,041
  • 5
  • 36
  • 57
miro23
  • 198
  • 2
  • 10

2 Answers2

4

ActiveSync (which the iPhone uses) works over ports 80 and 443 (preferably 443). Yes you will need to forward HTTPS traffic to your Exchange server for this to work.

I really recommend the Exchange ActiveSync test over at testexchangeconnectivity.com - it is one of the best tools you can use to help you set it up properly and diagnose any problems.

Exchange should have already created you a self signed SSL certificate and set it to secure your server. If you don't have a certificate of your own to replace the one it created, you can still use ActiveSync on the iPhone, you will just need to trust the certificate when the iPhone email setup prompts you to.

Ben Pilbrow
  • 12,041
  • 5
  • 36
  • 57
  • Thank you, wouldn't be better to purchase a trusted SSL certificate for a few years? – miro23 Jan 23 '11 at 19:56
  • It is entirely up to you as to whether you purchase an SSL certificate, use the default self signed certificate or use an Enterprise Root CA. The benefits of a proper certificate are definitely clear though - all modern web browsers will trust them, as will modern mobile devices (some may not allow you to install custom certificates). A proper SSL certificate will cause you the least hassle and confusion and it will just work™ with no fiddling around installing custom certificates. – Ben Pilbrow Jan 23 '11 at 20:02
0

I would strongly recommend using a Threat Management Gateway (TMG) to publish this rules so it's all safe and secure!

TMG is placed on DMZ and takes the bogus traffic before it hits the internal servers!

ftornell
  • 1