Forum Discussion
VincentBurle83
Feb 25, 2022Copper Contributor
Lot of eventID 4999 related to ActiveSync on my Exchange Servers
Hello all, I'm Vincent and I'm Exchange administrator in my International Research Organization. Our Exchange farm is composed of 4 Exchange Server 2016 Enterprise CU 22. I recently noticed a l...
floridait
Mar 15, 2023Copper Contributor
I am also seeing this error on a two-node Exchange 2019 DAG. Has there been any progress for anyone?
- BroBiasMay 30, 2023Copper ContributorUnfortunately, no progress 😕
I'm only pretty sure in the meantime that this relates to firewall settings on the WAF side (here: Sophos XG). I've played with several settings there, the most potential was the http session timeout, but without any success.
It doesn't matter whether i follow vendor recommendations or settings based on user experiences, the result is always the same and the 4999 errors don't stop.
From my current perspective this must be an issue at least every "exch + Sophos" user/admin should face which is why i can't understand that there is no clear solution available 😞- cmillerLCEMay 30, 2023Copper Contributor
BroBias Interesting that you also have a firewall/loadbalancer in the mix as well and think it's part of the issue. We don't have Sophos. We have Fortinet on the perimeter and then a Kemp loadbalancer internally, I think at one point I stumbled upon someone mentioning the session timeouts may be the culprit but I never found the right values to prevent the errors either. Sure would be nice if somoene on the Microsoft side would chime in on these annoying errors.
- BroBias7May 30, 2023Copper ContributorWow! Now, i'm very thankful that there is somebody sharing this experience and impression/feeling of the very source ^^
Yes, I'm also 99% sure that this relates to the combination of EXCH vdir <> FW/LB <> ActiveSync requests/sessions. I can even find this reflecting in the event logs, when the errors starting as soon as the users are off to the weekend or coming back from weekend again. I also played a lot with the http session timeout setting on fw/waf side but without any success, not even little changes in the amount of logged errors.
Even following very clear recommendations for EXCH + SophosXG - no effect at all.
The main issue is, from my perspective, that these errors don't cause significant issues, at least not on my side. From time to time some few users complain about "sync hangs" on their mobiles but that's it. Exchange seems to be fine whith recycling the app pool every hour ......
However, i'm annoyed about it because it's just filling up my event logs and leaves a bad feeling while not really knowing what's going on.