So close yet so far! I love this machine but...

Here's the scoop. I have a hx4700 with wi-fi running Checkpoint Securemote VPN. e-Mail, PIE, mail-updates from inside my corporate network, even terminal server access, all that is great!!!

But I would like to Activesync through wi-fi through vpn to my to my windows 2000 desktop on our corporate network. I think I've done all the obvious stuff and I must be close cause from my pda when I click Activesync/sync I get a wakeup (connecting ... on both my PDA and desktop...but after a 3 minute wait, I get an error box pop-up


"Microsoft Activesync

Critical communications services have failed to start. Try resetting the mobile device and then connect again."

FYI I have pocket hosts set up with the correct IP of my desktop machine.
Well I have reset the PDA so many times my fingers are falling off but still no go. I need help from one of you geniuses out there.

Heeeelp!!!!

Yep... you're very close indeed. I would also suggest making sure that the necessary TCP ports you need for Activesync is not blocked. You need to make sure that TCP Ports 990, 999, 5678 5679 and UDP Port 1900 has bidirectional access. If these ports are blocked then you will get that error.

Ted Whitely
whitelyt at ipaqhq DOT com

HP rx3715
Dell Axim X50v
HP 2215
Dell Axim X30

 

Holy smokes! That close eh? Thanks a million for replying so quick!
But opening those ports could be scarry! Big bad world out there. Have you heard of problems? Am I wrong to be concerned? Is there any other way?

If you have vpned into your network, shouldn't you have access to those ports? That's one reason to use VPN; you can access ports like that without opening them to the Internet.

OK, you expressed that better than I did above. I am indeed VPNed in but get the error above when trying to sync. Everything else is OK and it is some sweet. I just need this last little step to create PDA perfection!

M

In theory a VPN channel will have those ports opened by default. However depending on the VPN setup firewall rules can established to only allow certain functions. This can be the case with corporate VPN setups.

Ted Whitely
whitelyt at ipaqhq DOT com

HP rx3715
Dell Axim X50v
HP 2215
Dell Axim X30

 

So just so I understand this right...everyone out there has these ports opened to the world? really? BTW sure appreciate your help on this. In the meantime I just got radio streaming working...too cool!

M

Well, not everyone has those ports open to the world. Some companies have everything open to the world. You should see if you can get those ports available once vpned in (is vpn a verb?). However, it's very possible that your tech dept or someone who decides things at your company may say no. While to me is seems that there should be no reason why you shouldn't be able to get access to those ports once vpned in, someone may have a good reason (or no reason at all for that matter) for saying no.

Hope this helps clear things up (after reading it, I'm not sure if it's clear or not), and I hope you get get access to those ports.

BTW what's your setup for streaming radio?

--Chris

Thanks for your help. I really appreciate it. But I've got to say I still don't understand. If I am VPNed in, I'm in right? So why do I have to open special ports? I hope there is a way to take advantage of the VPN. If not what is the point? If I open up the firewall everytime I want access, then why do I need a firewall? Sorry, I guess I'm just p off that its designed that way. My VPN lets me access my mail, even my files, but when I want to activesync I must punch holes in my firewall? That just can't be right can it?

BTW for streaming radio I downloaded gsplayer and get my content from shoutcast.com but there are several others who claim they do this.

The whole thing is really dependent on the VPN configuration itself. For example you can setup Windows 2000 and Windows XP to allow VPN connections. Then you can connect your PPC directly to a workstation. For the most part there is no firewall (unless you install one); just a peer-to-peer connection. However there are dedicated VPN routers and concentrators as well that have integrated firewall setups. It is possible to allow a VPN connection but to not allow certain connections within that VPN channel. It really all depends on how the VPN infrastructure is built.

One thing is for sure that the TCP ports mentioned above will allow clean Activesync connection. Due to an upgrade of my Linux Firewall I have not successfully tried VPN. However I have opened up the ports on my firewall to only my corporate IP addresses and Activesync over the internet works fine. I would rather use VPN so I shut the ports down.

Ted Whitely
whitelyt at ipaqhq DOT com

HP rx3715
Dell Axim X50v
HP 2215
Dell Axim X30

 

OK, the quest continues...even after doing all the firewall stuff you recommended...nothing!

Still get

"Microsoft Activesync

Critical communications services have failed to start. Try resetting the mobile device and then connect again."

after a long wait. Installed an access point inside the network and activesynced through it without the VPN no problem but no go on the first. Could I ask you to review the ports you quoted before? Perhaps there are others?

Obviously part of the connection is good because invoking "Sync" from the pda wakes up activesync on my PC, alas then it stalls! So very frustrating. Any other ideas anyone?

M