Traveler: DAErrorDomain Code=0

[Tode]

Wieder ein neuer Traveler, wieder ein neues Problem...

Traveler 8.5.2.2
Domino 8.5.2FP1

Internet Sites aktiviert, SSL aktiviert mit self certificate, Keine automatische Weiterleitung von 80 auf 443

Ich versuche mit meinem iPad (das schon für die Verwendung mit 2 anderen Traveler- Servern konfiguriert ist und einwandfrei funktioniert) auf einen weiteren Traveler- Server zuzugreifen, der in einer DMZ steht.

Beim Versuch, das Konto hinzuzufügen bekomme ich nach der Passwort- Eingabe den oben genannten Fehler.

Ich habe die ILNT.mobileconfig schon per Browser heruntergeladen und alle Angaben geprüft. Die relevanten Werte sind korrekt:

Code

<key>Host</key>
				<string>dtr.mydomain.com</string>
 
                <!-- Actual values are <true/> or <false/> if not using the <true/> wildcard. -->
				<key>SSL</key>
				<true/>

Ich habe per tell http debug thread on überprüft, ob der OPTIONS- Request am Server ankommt, und für mich sieht das OK aus:

Code

*** Start SSL Handshake: Session 6d, Thread 22c, Clock 626070794
*** SSL Handshake Success: Session 6d, Thread 22c, Clock 626070856
*** New Request -- Parse and Check Request: Session 6d, Thread 22c, Clock 626070872
OPTIONS /Microsoft-Server-ActiveSync HTTP/1.1
Host: dtr.mydomain.com
Content-Length: 0
User-Agent: Apple-iPad1C1/803.148
X-Ms-Policykey: 0
Authorization: ****************
Accept: */*
Accept-Language: de-de
Accept-Encoding: gzip, deflate
Connection: keep-alive
 
*** Process Request: Session 6d, Thread 22c, Clock 626070872
*** Client IP Address [79.zzz.zzz.zzz], Server IP Address [172.aaa.xxx.yy]: Session 6d, Thread 22c, Clock 626070872
 
*** Start Request Step: Session 6d, Thread 22c, Clock 626070872
*** Raw Request Step: Session 6d, Thread 22c, Clock 626070872
*** Pre Authenticate Step: Session 6d, Thread 22c, Clock 626070872
*** Authenticate Step: Session 6d, Thread 22c, Clock 626070872
*** Post write Buffer, bytes [205]: Session 6d, Thread 22c, Clock 626070872
 
 
HTTP/1.1 200 OK
 
Server: Lotus-Domino
 
Date: Wed, 11 May 2011 07:53:37 GMT
 
Expires: Tue, 01 Jan 1980 06:00:00 GMT
 
Content-Type: text/html; charset=UTF-8
 
Content-Length: 3515
 
Cache-control: no-cache
 
 
 
 
*** End Request Step: Session 6d, Thread 22c, Clock 626070872

Die apple.xml enthält nur Platzhalter und nicht die falschen Daten:

Code

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<!--
ILNT_Address will be replaced with the user's email address
ILNT_HostName will be replaced with the server host name
ILNT_HostPath will be replaced with the servlet path name (e.g., /servlet/traveler)
ILNT_HostPortHTTP will be replaced with the server host port when using HTTP if the port is not
                  the default port of 80 (e.g., 81) or with an empty string when using HTTPS
ILNT_HostPortHTTPS will be replaced with the server host port when using HTTPS if the port is not
                  the default port of 443 (e.g., 8443) or with an empty string when using HTTP
ILNT_HostProtocol will be replaced with the server host protocol (<false/> or <true/> for SSL off or SSL on)
ILNT_User will be replaced with the user name
 
If you are using a proxy between the client and the Traveler server,
you should set the "External Server URL" on the "Lotus Traveler" tab in the server document
so that the ILNT wildcards below are filled in properly.
 
Do NOT modify any the the <key> values.  Only modify the values associated with the keys as needed.
-->
<plist version="1.0">
	<dict>
 
		<key>PayloadUUID</key>
		<string>8B9A9E2E-53E7-44EC-A361-74EC8136B4CE-ILNT_HostName-ILNT_User</string>
 
        <!-- 
        Customizable and displayed on the Apple UI.
        On the Profile UI, this shows up as the top-most, bold line (no wrapping).
        -->
		<key>PayloadDisplayName</key>
		<string>ILNT_User - IBM Lotus Notes Traveler</string>
 
        <!-- 
        Customizable and displayed on the Apple UI.
        On the Profile UI, this shows up right below the PayloadDisplayName (no wrapping).
        -->
		<key>PayloadOrganization</key>
		<string>IBM Lotus Notes Traveler</string>
 
        <!-- 
        Customizable and displayed on the Apple UI.
        On the Profile UI, this shows up as the multi-line (up to 10) wrapped Description.
        -->
		<key>PayloadDescription</key>
		<string>Configures the device for use with IBM Lotus Notes Traveler for ILNT_User.</string>
 
        <!--  Customizable, but not known to be displayed on the Apple UI anywhere. -->
		<key>PayloadIdentifier</key>
		<string>ILNT_User - IBM Lotus Notes Traveler</string>
 
		<key>PayloadVersion</key>
		<integer>1</integer>
 
		<key>PayloadType</key>
		<string>Configuration</string>
 
		<key>PayloadContent</key>
		<array>
		
		    <!-- 
		    If you want this profile to include more than just the com.apple.eas.account,
		    you should create the profile using iPhone Configuration Utility, add/replace
		    the com.apple.eas.account <dict>...</dict> in the newly created profile with
		    the com.apple.eas.account shown below, rename the newly created profile to
		    Apple.xml, and replace the existing Apple.xml file with the new Apple.xml file.
		    See the InfoCenter for more details.
		    -->
			
			<dict>
			
				<key>PayloadUUID</key>
				<string>837AE5F3-1380-4234-BAD0-8246A644AC2F-ILNT_HostName-ILNT_User</string>
 
                <!-- 
                Customizable and displayed on the Apple UI.
                During Profile installation, this shows up under More Details as the "Exchange Account"
                along with the Host and EmailAddress values.
                This is the account name shown at the bottom of the password prompt during Profile installation.
                This is the account name shown under General - Mail, Contacts, Calendar - Account.
                This is the account name shown in the Mail, Contact, and Calendar applications as needed.
                -->
				<key>PayloadDisplayName</key>
				<string>ILNT_User - IBM Lotus Notes Traveler</string>
 
                <!--  Customizable, but not known to be displayed on the Apple UI anywhere. -->
				<key>PayloadDescription</key>
				<string>IBM Lotus Notes Traveler for ILNT_User.</string>
 
                <!--  Customizable, but not known to be displayed on the Apple UI anywhere. -->
				<key>PayloadOrganization</key>
				<string>IBM Lotus Notes Traveler</string>
 
				<key>PayloadVersion</key>
				<integer>1</integer>
 
                <!--  Customizable, but not known to be displayed on the Apple UI anywhere. -->
				<key>PayloadIdentifier</key>
				<string>ILNT_User - IBM Lotus Notes Traveler</string>
 
				<key>PayloadType</key>
				<string>com.apple.eas.account</string>
 
				<key>UserName</key>
				<string>ILNT_User</string>
 
				<key>EmailAddress</key>
				<string>ILNT_Address</string>
                
                <!--  
                    If you are using a proxy between the client and the Traveler server,
                    you should set the "External Server URL" on the "Lotus Traveler" tab
                    in the server document.
                    You should not need to modify the Host or SSL values (use the ILNT wildcards).
                -->
				<key>Host</key>
				<string>ILNT_HostNameILNT_HostPortHTTPILNT_HostPortHTTPSILNT_HostPath</string>
 
                <!-- Actual values are <true/> or <false/> if not using the ILNT_HostProtocol wildcard. -->
				<key>SSL</key>
				ILNT_HostProtocol
				
			</dict>
 
		</array>
 
	</dict>
</plist>

Auf der Firewall, die die DMZ schützt, sehe ich keinerlei geblockten Verkehr.

Der Traveler- Server kann den Mail- Home- Server erreichen (trace MailServer/Domain ist erfolgreich)

Was sonst kann ich tun?

Thanx
Tode