Exchange ActiveSync (EAS) does not work as it should when using SMC with UTM as firewall.
Sophos UTM being used a Firewall, purely for a Reverse Proxy through to the SMC Server sitting behind it.
EAS is using SSL
SMC settings are using SSL
First seen in
Sophos Mobile Control
Windows 2008/ 2008 R2
What To Do
SMC should work with UTM, the EAS traffic to the SMC Server is exactly the same as it would be to a normal exchange. More information can be found here: Exchange ActiveSync
You can try to connect the device directly to the Exchange (for testing purposes, change the rule on the UTM from the SMC Server to the Exchange directly). If the issue still remains, then it is likely to be a UTM Configuration problem. Please refer to the administration guides for further information: Sophos UTM (formerly Astaro Security Gateway)
In UTM, open the Web Application Firewall (WAF) live log (Webserver Protection > Web Application Firewall > Open Live Log) and filter it for the IP address of the connecting client. Once done, try to attempt a connection and see if there is any dropped traffic reported in the log. You can also do this for the packet filter logs if they see now blocked / dropped traffic (Network Protection > Firewall > Open Live Log).
Alternatively, please contact Sophos UTM Support
Related KBA: RPC calls over HTTP/S are not supported by Astaro Web Application Security