Highlighted
Absent Member.
Absent Member.
5150 views

Using a alternative port for a GMS client

Hi,
I know this question is not directly GMS, but I have been searching Google and Apple without finding the answer.
I want to have GroupWise web access on default port 443 - and I would like to use GMS to get mail and calendar on iOS clients.

So I will make a NAT rule in the firewall translating an alternative port to my GMS server on port 443.
Can this alternative port be configured in an iOS mail account (Exchange type)?

Best regards Claus, DK
Labels (1)
0 Likes
12 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: Using a alternative port for a GMS client

On 28/07/2014 14:06, clausbc wrote:

> I know this question is not directly GMS, but I have been searching
> Google and Apple without finding the answer.
> I want to have GroupWise web access on default port 443 - and I would
> like to use GMS to get mail and calendar on iOS clients.
>
> So I will make a NAT rule in the firewall translating an alternative
> port to my GMS server on port 443.
> Can this alternative port be configured in an iOS mail account (Exchange
> type)?


I believe ActiveSync uses port 443 for SSL/HTTPS connections and 80 for
non-secure HTTP connections and that these cannot be changed to
different ports.

HTH.
--
Simon
Novell Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Using a alternative port for a GMS client

Yes - I know.
That is why I will only use the alternative port from client to firewall and then redirect in the firewall to standard 443.
So my question is on the client side.
Regards.

Best regards Claus, DK
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Using a alternative port for a GMS client

On 28/07/2014 16:16, clausbc wrote:

> Yes - I know.
> That is why I will only use the alternative port from client to firewall
> and then redirect in the firewall to standard 443.
> So my question is on the client side.


My answer still applies - ActiveSync from the client wants to talk to
port 80/443.

HTH.
--
Simon
Novell Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Using a alternative port for a GMS client

On 28.07.2014 16:34, Simon Flood wrote:
> I believe ActiveSync uses port 443 for SSL/HTTPS connections and 80 for
> non-secure HTTP connections and that these cannot be changed to
> different ports.


Depends on the individual device. Many can specify alternative ports,
but also many can't. Last I checked, IOS could, Android generally only
4.3 or higher and some older specific devices (HTC for instance always
could do this), Windows Mobile up to WM7 can't chnage it. No idea if
they can now.

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Using a alternative port for a GMS client

Any idea of the syntax on iOS?
A-record.domain.dk: port seems doomed as invalid,
Claus

Best regards Claus, DK
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Using a alternative port for a GMS client

In article <clausbc.6hyzgn@no-mx.forums.novell.com>, Clausbc wrote:
> That is why I will only use the alternative port from client to firewall
> and then redirect in the firewall to standard 443.
>

Just to be sure we are all on the same wavelength.
Is your GMS running on its own instance of SLES, separate from WebAccess,
but you have only the one public IPv4 address to work with?


Andy of
KonecnyConsulting.ca in Toronto
Knowledge Partner
http://forums.novell.com/member.php/75037-konecnya
If you find a post helpful and are logged in the Web interface, please
show your appreciation by clicking on the star below. Thanks!

___
“i’ve sworn an oath of solitude til the blight is purged from these lands”
Andy of Konecny Consulting in Toronto
Knowledge Partner Profile
If you find a post helpful, click the Like button below. Thanks!
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Using a alternative port for a GMS client

Hello,

On iOS, you can specify a port by using <gsmnameserver:<portnumber>

Jean-Luc

Jean-Luc LE DOLEDEC GALOS RSSI - France
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Using a alternative port for a GMS client

konecnya;2327224 wrote:
In article <clausbc.6hyzgn@no-mx.forums.novell.com>, Clausbc wrote:
> That is why I will only use the alternative port from client to firewall
> and then redirect in the firewall to standard 443.
>

Just to be sure we are all on the same wavelength.
Is your GMS running on its own instance of SLES, separate from WebAccess,
but you have only the one public IPv4 address to work with?


Andy of
KonecnyConsulting.ca in Toronto
Knowledge Partner
http://forums.novell.com/member.php/75037-konecnya
If you find a post helpful and are logged in the Web interface, please
show your appreciation by clicking on the star below. Thanks!


Yes, that is the exact situation.

Best regards Claus, DK
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Using a alternative port for a GMS client

On 28.07.2014 23:16, clausbc wrote:
>
> Any idea of the syntax on iOS?
> A-record.domain.dk: port seems doomed as invalid,


No, sorry, I'm not an Apple User, I was told by one (actually multiple)
that it works. There are also hints to be found in google that it does.

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Using a alternative port for a GMS client

clausbc wrote:

> > Just to be sure we are all on the same wavelength.
> > Is your GMS running on its own instance of SLES, separate from
> > WebAccess,
> > but you have only the one public IPv4 address to work with?

>
> Yes, that is the exact situation.


As others have pointed out, depending on the device you may or may not
be able to specify an alternate point. I know your question is
regarding iOS, but even then, there's always the possibility that an
iOS update could break this even if today iOS allows specifying an
alternate port.

If anything I would keep GMS on standard 443 because of device
limitations and then use an alternate port for WebAccess. You can
always specify the port in a URL in a browser. That would be much
safer.

--
Your world is on the move. http://www.novell.com/mobility/
BrainShare 2014 is coming. http://www.novell.com/brainshare/

Joe Marton Emeritus Knowledge Partner
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Using a alternative port for a GMS client

In article <clausbc.6i05lb@no-mx.forums.novell.com>, Clausbc wrote:
> konecnya;2327224 Wrote:
> >...
> > But you have only the one public IPv4 address to work with?

>
> Yes, that is the exact situation.
>

Instead of doing PAT at the firewall, just do straight NAT and set your
GMS or Webaccess to the port you are using so that it is the same port for
client as well as what GMS or Webaccess is using. Also make sure it isn't
a common port or too high up, 1443 is a commonly picked one for those of
you in your situation.

If it is still a problem, it would be worth capturing the packets of the
attempts coming in, either at the firewall level and/or on your GMS or
Webaccess server.


Sorry for the delay, August got weirdly busy for me and I've finally got
the time & energy to dive back in here.


Andy of
KonecnyConsulting.ca in Toronto
Knowledge Partner
http://forums.novell.com/member.php/75037-konecnya
If you find a post helpful and are logged in the Web interface, please
show your appreciation by clicking on the star below. Thanks!

___
“i’ve sworn an oath of solitude til the blight is purged from these lands”
Andy of Konecny Consulting in Toronto
Knowledge Partner Profile
If you find a post helpful, click the Like button below. Thanks!
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.