This article describes how to make SharePoint sites externally accessible for mobile devices. There are three methods for enabling external access.

  • Virtual private network server A virtual private network (VPN) server that supports Secure Sockets Layer (SSL), such as Microsoft Forefront Unified Access Gateway (UAG), enables you to publish SharePoint sites across the corporate firewall. After you publish the SharePoint site outside the firewall, you must configure an alternative access mapping for it. The SharePoint site must also belong to a zone that allows cross-firewall access. For more information about cross-firewall access, see Configure cross-firewall access.
  • Mobile proxy server Mobile proxy servers, such as Microsoft System Center Mobile Device Center and Blackberry Enterprise Server, help mobile devices work within the IT infrastructure of a company. To access a SharePoint site from outside the corporate firewall, the mobile proxy server must pass the mobile browser’s HTTP headers directly through to SharePoint Server.
  • Direct Internet access The SharePoint site can be placed on the extranet. This option supports only basic authentication. We recommend using a combination of technology and policy safeguards, such as SSL, with any Internet-facing servers.

Configure cross-firewall access

After the SharePoint site is published outside the firewall, you must add the site to a zone that allows cross-firewall access. A cross-firewall access zone is used to generate external PC and mobile URLs in mobile alert messages, and enables users to send an externally accessible URL when they click the E-mail a link button on the ribbon.

To configure a cross-firewall access zone

  1. In Central Administration, click System Settings.
  2. On the System Settings page, under Farm Management, click Configure cross firewall access zone.
  3. On the Cross Firewall Access Zone page, in Web Application, in the Web Application list box, select the Web application that is published across the firewall.
  4. In Cross Firewall Access Zone, in the Zone selection for cross firewall access list box, select the zone that is published across the firewall.

Configure Forefront Unified Access Gateway for Office Mobile

Forefront Unified Access Gateway (UAG) provides a gateway for remote employees, mobile workers, partners, and other third parties to access corporate applications and resources. For more information about UAG, see Forefront Unified Access Gateway (UAG) and SharePoint publishing solution guide.

The following procedures describe specific settings that are required to support Microsoft Office Mobile on Windows Phone 7 and Windows Phone 6.5.

To skip parsing of the response bodies

  1. On the UAG server, start the Forefront UAG Management application.
  2. In the navigation pane, click HTTPS Connections, and then click the trunk name.
  3. On the Portal tab, click the Edit button that is located on the right side of the Do not parse the response bodies to these requests text.
  4. In the URLs without body parsing dialog box, under Servers, click Add.
  5. Enter the name of the server running SharePoint Server. For example, if the server URL is https://contoso, enter the server name as contoso.
  6. In the URLs without body parsing dialog box, under URLs, click Add.
  7. In the Add URLdialog box, add the following URLs:
    • .*/_vti_bin/webs\.asmx
    • .*/_vti_bin/lists\.asmx
  8. Click OK.

To enable rich client applications to bypass trunk authentication

  1. On the UAG server, start the Forefront UAG Management application.
  2. In the navigation pane, click HTTPS Connections, and then click the trunk name.
  3. In the Applications list, select the SharePoint Server application, and then click Edit.
  4. On the Portal Link tab, select the Allow rich clients to bypass trunk authentication check box.

Users can access SharePoint sites by using a mobile browser or by using Microsoft SharePoint Workspace Mobile 2010. Users must configure a Forefront UAG address on their mobile device before SharePoint Workspace Mobile 2010 can be used to access a SharePoint site. Users must know how to configure their mobile device and the URL of the UAG trunk.

To configure the UAG settings on the Windows Phone device (end users)

  1. On the mobile device, start SharePoint Workspace Mobile.
  2. Tap Menu, tap Settings, and then tap Configure Forefront UAG Server.
  3. In the Forefront UAG address box, type the URL of the UAG trunk.
  4. Enter the domain user name and password.
  5. Tap OK.

From Microsoft

Hoang Nhut Nguyen
Email: nhutcmos@gmail.com
Skype: hoangnhut.nguyen