22 Aug Networking considerations – MDaemon, ActiveSync and your mobile devices

Posted at 16:55h in MDaemon, News, Support queries shared by

If you’re a user of the MDaemon email server, and own either an iPhone, Android device or Windows mobile, it’s quite likely at some point you’ll want to synchronise your calendar, contacts and tasks etc.

While the set-up steps for configuring MDaemon and the devices themselves are very straightforward, because MDaemon needs to be visible to the outside world, there are some networking considerations to be aware of.

Important note: This article assumes you have read the specific set-up guide for your device in our Knowledgebase articles below:-

iPhone/ iPad  |  Android  |  Windows Mobile  |  Blackberry Z10, X10, Q10

Allowing access to the Web server from the outside world

Assuming you’ve followed the guides linked above, your MDaemon ActiveSync server should at this point be fully accessible on your internal network. This however isn’t much help for your mobile device which will need to access it from the outside world. What we need to do next is make the HTTPS port (443) visible from the Internet.

The exact steps required here do depend very much on the way your MDaemon computer connects to the Internet and what routers and/or firewalls it passes through to do that.

Generally speaking most of our customers are using a simple NAT based Internet gateway router connected to their broadband internet connection that often include their own built-in firewall,so it’s just this device that needs to be configured.

Lets look in more details at the requirements of the router…

Do you know your public IP address?

Before we can go any further we need to know the public IP address assigned to the router’s Internet facing port. If you don’t already know this there are two ways to find out.

You can often log into the router device using its own web interface and there will usually be a status section that gives you an overview of the interfaces including IP details. Failing that, you can use an IP discovery service to tell you what IP address a machine behind the router apears from outside the network.. If you open up this Web page on the MDaemon server there’s a good chance that it’s this same IP address that the router has assigned.

A tried and tested service that I often use for this is whatismyip.com.

Has your ISP assigned you a “static” or a “dynamic” IP address?

Now we know our public IP address but can we be sure it will always remain the same? Unfortunately the only way to find this out is to speak to your ISP.

It’s becoming more common that ISP’s are no longer giving away static IP addresses to every customer and the norm is be assigned one dynamically every time the router re-connects. If this is the case and the results from whatismyip.com change day-to-day then it’s not the end of the world but does present a new challenge to be overcome.

If you do get assigned a static IP address then that’s great as this will certainly make life easier. As a side note, now would be a good time to plug our sister company Zen Internet as they’re one provider we know for certain offer static IP address services on their broadband connections!

Making a user-friendly DNS address for your users

Everything will work quite happily with just an IP address but it’s always more tidy if you can use a name for your mail server.

It’s possible this is already configured if you already use SMTP mail services, but if not, it’s worth configuring a DNS ‘A’ record on your domain to point for example mail.yourdomain.com to your public IP address.

If you have a dynamic IP address then this is where DNS or more specifically Dynamic DNS (DYNDNS) services can help. The purpose of a dynamic DNS provider is to automatically update a DNS record every time your IP address changes so that there is always a valid ‘A’ record that can be used to point to your server. It’s not a perfect solution, and a static IP is always preferred but it can help provide a way to connect to your MDaemon server from the internet even if your IP address keeps changing. Some common DYNDNS service providers include… noip.com and dyndns.com

Firewall and NAT considerations

The last area to consider in the setup process is making sure any traffic arriving at your Internet router that is destined to go to your MDaemon server actually gets there.Exact configuration here can differ but generally speaking you will need to set up an inbound NAT port redirection, also known as a Network Address Translation or Port Address Translation. In essence, this is the rule that says anything arriving on the public interface on port 443 ( HTTPS) should be redirected to the internal IP address of the MDaemon server e.g 192.168.0.1.

On some Internet routers you may also need to open up the port 443 through any inbound firewalls by creating a filter to allow it to connect to the MDaemon Server IP address, or in some devices you need to allow it to the public interface. Best to consult the documentation here to be sure.

Still not working? Whats answering on the port?

The final step is to make sure that there are not any other services running on the router that are currently using port 443 already. This may seem odd but it’s very common to find that the routers own Web server that is used to configure the settings will answer on port 80 as well as 443. You can also find that some routers/ firewalls will run an SSL VPN service on port 443 and again this will answer instead of MDaemon.

The simple way to check this is to connect to either the public IP address or DNS name for the router from outside the network using a web browser using

https://<yourserver>/Microsoft-Server-ActiveSync 
(replace <yourserver> with the IP address or hostname you use to access WorldClient / ActiveSync remotely)
If ActiveSync is running correctly the web browser output should look similar to this:

if you don’t get this responce then something else is answering on that port or the required firewall/NAT translations must be missing.

Unfortunately as I mentioned early on in this guide ActiveSync must run over either port 80 or 443 so your only choice is to turn off or change the ports of the services that are running on the router.

Example settings on Draytek 2820 router

The exact steps you need to follow to do this depend largely on the make and model of the device itself but usually it’s a case of looking for the management services section and seeing if there is any service configured on those ports that you can change. Typically we recommend using a free port like 444 or 1443 that is easy to remember.

I hope that has been helpful and given you some useful pointers but as always if you have any question please feel free to contact our support team.

Related articles
Tags:
, , , , , , , , , , , , ,


Share via
Facebook
X (Twitter)
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap