What is the best way to set up an ActiveSync port on an Exchange 2003 server without allowing OWA on the same port?
Users should have access to OWA within the corporate network, via port 443 on the mail server. However, as a matter of policy, OWA access from public IP addresses is prohibited.
The company wants to enable ActiveSync access from the outside (using trusted mobile devices) without also enabling OWA access from the outside.
I believe that the way to accomplish this is to set up a separate site in IIS Manager, which includes the items necessary for ActiveSync while excluding items that are used only by OWA.
With Exchange 2007 or 2010, it appears that the New-ActiveSyncVirtualDirectory cmdlet would make this quite easy. However, this is an Exchange 2003 server.
I have tried using IIS Manager to create a site on a separate port with only the "Microsoft-Server-ActiveSync" and "OMA" items, then enabling a NAT policy on the firewall mapping that port to :443 on a public IP address. Although an iPhone can connect and set up an account with just those two services, it cannot send/receive mail.
What else needs to be enabled? Or, is it simply impossible for an Exchange 2003 server to offer ActiveSync services without enabling OWA on the same port?
(The company plans to move to hosted mail services within months and is therefore not interested in migrating to Exchange 2010.)
