Technology News, Tips, Reviews, Analysis | Subscribe to Jason Slater Technology BlogTechnology News Feed | Join Jason Slater on TwitterTwitter | Tuesday 7th September 2010

Further Dealings with Event 1040 MS Exchange ActiveSync

By Jason Slater
Thursday, 6 August 2009
  • DiggThis
  • Share

Further to the previous article: Dealing with Event ID 1040 MS Exchange ActiveSync we are still experiencing this problem. Apparently the only port required for Direct Push to work from Exchange 2007 Server with ActiveSync is HTTPS on port 443. The recommendation is to increase the firewall time-out for this path to between 15 and 30 minutes (see Configuring Direct Push to Work Through Your Firewall).

Using our SonicWALL firewall I have made this change however the event is still appearing with regularity in our Exchange event logs. Up until now I have considered the requirement to only affect TCP connections however I did an experiment to increase the timeout for UDP to this value – for a while I thought this might have resolved the issue but it looks like it hasn’t.

The particular message in the event logs states

Event Type:    Warning
Event Source:    MSExchange ActiveSync
Event Category:    Requests
Event ID:    1040
User:        N/A
Description:
The average of the most recent [79] heartbeat intervals used by clients is less than or equal to [540].
Make sure that your firewall configuration is set to work correctly with Exchange ActiveSync and Direct Push technology. Specifically, make sure that your firewall is configured so that requests to Exchange ActiveSync do not expire before they have the opportunity to be processed.

For more information about how to configure firewall settings when you use Exchange ActiveSync, see Microsoft Knowledge Base article 905013, "Enterprise Firewall Configuration for Exchange ActiveSync Direct Push Technology" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=905013).

The 540 seconds (exactly 9 minutes) setting is bugging me and for these tests I set the firewall to 30 minutes for HTTPS so the problem has to lie some other configuration setting.

The Knowledge Base 905013 article is a little thin at Enterprise firewall configuration for Exchange ActiveSync Direct and I didn’t get very far with SonicWALL support as they were asking me to identify the particular user device which was causing the event. This isn’t very practical as there are a whole bunch of devices out there and little information to help me identify which one (or ones) it may be.

I have re-enabled detailed logging on the W3SVC for OWA to see if that sheds any light on the situation.

Related

Leave a comment!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.