Question : Problem: Exchange ActiveSync and Iphone.  Has anyone actually gotten them to work?!?!

I'm beginning to think that Iphone working with Exchange ActiveSync is a myth like Yeti, or WMD's. I have yet to get one up and running, and I haven't found another IT Pro who has successfully set one up, without resoriting to the non-ActiveSync work around (IMAP, etc).  

Here's my current scenario with a client.  

-They are running Exchange 2003 (all SP's, and updates) with SSL, Windows Server 2003.  OWA works internally and externally with SSL.
-The IPhone works with ActiveSync when connected to the local Wifi.
-It does not work externally at all with activesync
-I setup the Cisco VPN client and it connects successfully and routes all internal addresses correctly.
-Even with the VPN client connected, ActiveSync does not work.  Our remote email address works internally with correct DNS entries.  Even with this I changed the Iphone to look at the internal IP of the email server and it still doesn't work.
-When connected to the internal WiFi it works with ActiveSync whether SSL is turned on or off on the Iphone.

This setup is behaving so erratically that it's hard to troubleshoot with all the contradictions.   Any lucky soul who has got their Iphone to work with their Exchange Server using ActiveSync, I am open to any and all suggestions.

Answer : Problem: Exchange ActiveSync and Iphone.  Has anyone actually gotten them to work?!?!

You can have it any way you want to, based on your DNS setup.  We had to do so many things to get this up and running, that it was a little ridiculous. One thing we did was buy a public cert.  The other thing we did was make sure that RPC over HTTPS was working as they both use almost all the same things to work.  Here's a link that we followed

http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm

On that website I downloaded that RPCNoFrontEnd tools to make sure I had all the right ports opened and pointing to the right location.  We actually had one that was not configured correctly.  Once we did all that, and then changed the IIS security which I posted earlier it worked.