04-18-2013 08:04 PM - edited 04-18-2013 08:04 PM
We already have Active Sync working for email (both iPhone / Android).
I want to install UDS, so we can control Android devices (not iPhone at the moment). I already installed core BDS on a server in the LAN (working fine).
I am trying to install UDS so we can better manage Android and BlackBerry 10 phones. Do I need the communication manager at all (or better yet, does it need to be installed on the DMZ)?
04-19-2013 03:53 PM
04-19-2013 03:59 PM - edited 04-19-2013 04:01 PM
So just thinking out loud here... if you had some other gateway / vpn / TMG sitting in your DMZ, you could point the external DNS record to that instead of the communication module... and the TMG or whatever you use can tunnel that traffic to the communication module on your internal LAN...
I have NO idea if that is possible as the UDS documentation makes no mention of doing it that way.
And then there's the whole issue of certificates... I don't know how that works into this either... would I then need an externally signed certificate for both my UDS connection as well as Active Sync connection on the end user's device?
04-19-2013 04:32 PM - edited 04-19-2013 04:33 PM
OK, so from what I have been reading (researched), Active Sync is working without any issue on iOS and Android devices, but you need to have the communication manager installed to control these devices and push policies.
My installation will only have the communication manager/module installed on the DMZ, and UDS installed on the internal LAN.
Setup a static NAT for DMZ
Setup a DNS A record for the box in the DMZ with the communication module installed.
all external > DMZ NAT'd address:443
allow DMZ > UDSLAN tcp8081
allow UDSLAN > all external:tcp3101
allow UDSLAN > all external:tcp2195
allow UDSLAN > all external:tcp5223
allow UDSLAN > all external:tcp80
allow UDSLAN > all external:tcp443
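As an added example (not part of the original post and not vendor code), the rule list above can be parsed in its own notation and evaluated as a default-deny zone matrix, which shows what each zone is actually exposed to. The mapping of the post's labels onto three zones (`external`, `dmz`, `udslan`) and the function names are assumptions.

```python
import re

# Rules copied verbatim from the post above (its own informal notation).
RULES_TEXT = """\
all external > DMZ NAT'd address:443
allow DMZ > UDSLAN tcp8081
allow UDSLAN > all external:tcp3101
allow UDSLAN > all external:tcp2195
allow UDSLAN > all external:tcp5223
allow UDSLAN > all external:tcp80
allow UDSLAN > all external:tcp443
"""

# Assumption: the post's zone labels map onto three zones.
ZONES = {"all external": "external", "dmz nat'd address": "dmz",
         "dmz": "dmz", "udslan": "udslan"}

# "allow" and the "tcp" prefix are optional; ":" or a space precedes the port.
RULE_RE = re.compile(r"^(?:allow\s+)?(.+?)\s*>\s*(.+?)[:\s]\s*(?:tcp)?(\d+)$", re.I)

def parse_rules(text):
    """Return a set of (src_zone, dst_zone, tcp_port) tuples."""
    rules = set()
    for line in filter(None, map(str.strip, text.splitlines())):
        m = RULE_RE.match(line)
        if not m:
            raise ValueError(f"unparsed rule: {line!r}")
        src, dst, port = m.groups()
        rules.add((ZONES[src.lower()], ZONES[dst.lower()], int(port)))
    return rules

def is_allowed(rules, src, dst, port):
    """Default deny: a flow passes only if a rule names it exactly."""
    return (src, dst, port) in rules

def exposure(rules, dst):
    """Every (source zone, port) that may open a connection into dst."""
    return sorted((s, p) for s, d, p in rules if d == dst)

RULES = parse_rules(RULES_TEXT)

if __name__ == "__main__":
    for zone in ("dmz", "udslan", "external"):
        print(zone, "<-", exposure(RULES, zone))
```

Under these rules the only inbound path to the UDS LAN is from the DMZ on TCP 8081, and nothing from outside reaches the LAN directly.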