CRM Mobile 3.0 pains ICMP error and 500 internal server error
OK so we're moving into the CRM world more and more and starting to roll out Microsoft CRM 3.0 with consistentcy. However rolling out the Mobile client has been a little bit of a struggle, not only because it's pretty new but the documentation is pretty convoluted in my opinion. So here are some things to watch out for that I found.
After installing CRM Mobile and trying to get ISA 2004 configured correctly with the proper ports (we're using 446) for SSL (Mobile requires it) on a SBS 2003 Premium box we encountered a couple of errors.
The first was: Error Code: 500 Internal Server Error. Internet Control Message Protocol (ICMP) network is unreachable. For more information about this event, see ISA Server Help. (10051).
CRM Mobile uses a internal web to sync up the device. It's at https://server.domain.com:446/sscerda. This is a good website to try and troubleshoot your CRM mobile install without using a mobile device. Well when we simply from the server browse to https://servername:446/sscerda we could get the cert to display and then authenticate, however the above error was always displayed when trying to come in from the outside.
It was just simply a DNS issue. We normally use mail.domain.com for our SBS servers and this server had naturally a different local DNS zone. We created the domain.com zone on the local DNS server and pointed mail.domain.com to the internal NIC. Error #1 down.
The next error was the following: 500 Internal Server Error - The certificate chain was issued by an authority that is not trusted. (-2146893019). Now when we were local we still could get authenticated but outside was still a problem. The problem above was because ISA 2004 was choking because the mail.domain.com cert was not in the local computer trusted certificates store. Go to Start...Run and mmc.exe. File...Add/Remove Snap In...Add...Certificates...Computer Account. Now open up the Local ISA computer. Click on Certificates and then Trusted Root Certification Authorities. Make sure that your mail.domain.com certificate is listed here. If not you'll get the above error. Add it and now https://mail.domain.com:446/sscerda should work.
If I get the chance I'll post a step by step of CRM mobile on SBS Premium with ISA 2004. Hopefully this will save you a couple hours of headache.