Exchange 2003: No PUSH through VPN ?

Discussion in 'iPhone Tips, Help and Troubleshooting' started by KB6329, Mar 4, 2009.

  1. KB6329 macrumors newbie

    Joined:
    Mar 4, 2009
    #1
    Hi there,

    I managed to configure my iPhone and my SBS/Exchange 2003 Server to use VPN and ActiveSync. I can read my emails both with and without VPN.

    PUSH works great when connecting the server directly using its public WAN IP address.

    But when connected via VPN and using the servers private LAN IP, PUSH is not working anymore. I can "pull" my emails opening the mail app. But I wont get notified.

    Any ideas? Anyone?

    Thanks a million,

    Steve
     
  2. Gix1k macrumors 68030

    Gix1k

    Joined:
    Jun 16, 2008
    #2
    Push implementation uses UDP for out-of-band notifications. Since many VPNs have overly-aggressive firewalls/NAT implementations that kill or otherwise mangle UDP packets, this is a typical result.
     
  3. ppc750fx macrumors 65816

    Joined:
    Aug 20, 2008
    #3
    That's completely incorrect. Maybe you're thinking of Yahoo!'s push implementation?

    ActiveSync uses long-lived HTTP(S) connections for DirectPush.

    My bet is that the HTTP requests from the LAN-side of things aren't being answered by your mail server. Why that is, I don't know -- you'd have to ask your local IT administrators about that. Perhaps they've borked the Exchange server's firewall policies, or perhaps they never figured someone would need DirectPush via a LAN IP?
     
  4. RandomKamikaze macrumors 6502a

    RandomKamikaze

    Joined:
    Jan 8, 2009
    Location:
    UK
    #4
    I agree. Exchange ActiveSync will have been published only to the Internet. All internal connections will more than likely be required to use the MAPI protocol (this is what Outlook uses)
     
  5. ppc750fx macrumors 65816

    Joined:
    Aug 20, 2008
    #5
    Yeah, that's kinda what I figured.

    To the OP: you might want to ask your IT dept. about this. If this is what's going on, then you'll need to get them to configure your VPN policy such that connections to the mail server are routed through your WAN interface rather than your VPN interface.
     

Share This Page