vB Easy Archive - Help setting up direct push to a Samsung Blackjack

Pages: 1

Help setting up direct push to a Samsung Blackjack
(Click here to view the original thread with full colors/images)

Posted by: mikesm

Hi. I am having a devil of a time trying to set up direct push to my wife's samsung blackjack, and after trying a bunch of things mentioned in other threads, I thought I would post my specific issues in search of aid.

My wife just got a blackjack with the PDA plan and internet access works fine. We run exchange on a home server, since I am a microsoft action pack subscriber and get all of Microsoft server products as part of the subscription. We run SBS 2003, and use it for contacts, calendaring and since my wife doesn't have corporate email, mail for her as well. Exchange is configured to support OWA access, mobile access with direct push, and has all the latest service packs installed on it. It works fine at home.

The server is connected behind a monowall firewall that is attached to comcast's broadband service. The firewall is programmed to send DNS updates to dyndns.org, so I can connect to the firewall even if the IP address changes. I have a PPTP VPN server running on monowall, so I can tunnel into the home network from the outside.

Ok, now for the issues. The blackjack's direct push configuration doesn't seem to allow the same choices as pocket IE, in that I can't seem to configure it to use a VPN tunnel to access the server. This means I need to expose HTTPS on the server via NAT in the firewall. This works fine. I can connect to OWA from the Internet and can do that from her blackjack as well.

The issue appears to be the SSL certificate that is loaded into the exchange server for OWA. I can get a free cert from instantSSL, load it, and then try exporting the cert for loading into the blackjack. I think I am running into problems here.

First off, since I don't have a permanent IP address, I have to use a name as input into the certificate generator. If I use the dyndns.org name, then I have problems because instantSSL's free cert generator wants to send authentication email to hostmaster@dyndns.org, which won't get to me. So I have a private domain where I have a name, a.foo.org for example, that is set up as a CNAME to the dyndns.org. This is used for the cert (since it appears the name must be the externally recognized name for the server), and I think this works. I have temporarily set the a.foo.org name to the current IP address that comcast has assigned, and I can successfully connect to the server on the HTTPS port for OWA.

Next, I have exported the cert from the exchange server, and "double clicked on it" after moving it to the phone. I believe this is supposed to install it on the phone, but there doesn't appear to be a way to tell if it was successfully installed. The sync via OWA doesn't work, and the error code doesn't seem to be particularly informative. Now I know why the IT people at the office hate smartphones and make us all carry blackberries. BES configuration is easy compared to this.

Questions:

1) Am I missing something here in the configuration?

2) How can I tell if my cert was properly loaded into the blackjack? I can pull up a list of root certs, but not the one I created.

3) Do I need to install the instant SSL root cert into the blackjack in order for my exchange server's cert to be recognized? InstantSSL certs aren't recognized as authoritative by default. How do I do this? The instantSSL cert site doesn't have a howto on installing it into smartphones, just normal browsers, and that doesn't seem to work for the phone.

4) Is there another free certificate service that would work better than instantSSL? I really don't want to pay a lot of money to make this work.

5) Is there a way for the blackjack to use a VPN to talk to my exchange server?

6) any other ideas? Has someone else with a home exchange server ever gotten this to work? How did you do this?

Thanks,
Mike