1) You need to configure your Exchange 2003 legacy URL. There isn't a GUI option for this... you have to issue the following command:
Set-OwaVirtualDirectory -identity "Exchange2010\owa (default web site)" -Exchange2003Url https://legacy.domain.com/exchange
Obviously, you should put your own server and domain name in there. This step is a no-brainer... I just felt like documenting it here so that I don't have to look up the command syntax anymore. :P
2) This took me a while to figure out because the fix is completely non-intuitive. Upon configuring your Exchange 2003 legacy URL and testing it out, you get an "HTTP 500 Internal Server Error" with no further information. The URL stops at https://(legacyurl)/exchweb/bin/auth/owaauth.dll.
To fix this you must enable FBA (forms based authentication) on your Exchange 2003 frontend server before OWA redirection will work. I found the following video showing the steps required: http://www.youtube.com/watch?v=B8NAmFqGOl4
Basically, you need to follow all the steps in my previous post, and in addition open up the Exchange 2003 management console, expand your way down to Administrative groups > first administrative group > servers > servername > Protocols > HTTP > Exchange Virtual Server, right-click on the virtual server and go to properties. Under the settings tab, check the box for "Enable Forms Based Authentication" and click OK. After that, issue an IISRESET to restart your default website.
IMPORTANT: If you have only one Exchange 2003 backend server, and you configure SSL or FBA, you will likely break any ActiveSync connections when you enable FBA. Here is an article from Microsoft explaining the situation: http://support.microsoft.com/default.aspx?scid=kb;en-us;817379
Now... that seems like the proper way to go about things, but the major issue I noticed with my particular environment is that it was authentication that was broken for the mobile users. A quick investigation of IIS after enabling FBA showed me that the 'windows authentication' option for the Exchange virtual directory was turned off. Checking the box fixed my problem! I think the only reason this worked for this particular site was because they did not have the "require SSL" box checked for the Exchange virtual directory. Not best practice, but this server will be gone soon anyway. As always, your mileage may vary. It's probably safer (or at least more supported) to follow the article I linked above.
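To see the state of the two IIS checkboxes discussed above without clicking through the console, the following added example (not part of the original post) reads the IIS 6 metabase on the Exchange 2003 server and reports the authentication and SSL settings of the Exchange virtual directory. It assumes PowerShell 2.0 is installed on that server, that the Default Web Site is site ID 1, and that the virtual directory is named "Exchange"; adjust the path if your environment differs.

```powershell
# Added example (not from the original post). Run locally on the Exchange 2003 server.
# Assumptions: PowerShell 2.0 is installed, the Default Web Site is IIS site ID 1,
# and the OWA virtual directory is named "Exchange".
$path = 'IIS://localhost/W3SVC/1/ROOT/Exchange'

# IIS 6 metabase bit flags for AuthFlags and AccessSSLFlags
$AuthAnonymous = 1      # MD_AUTH_ANONYMOUS
$AuthBasic     = 2      # MD_AUTH_BASIC
$AuthNT        = 4      # MD_AUTH_NT (Integrated Windows authentication)
$AccessSSL     = 8      # MD_ACCESS_SSL ("Require secure channel (SSL)")

$vdir = [ADSI]$path
$authValue = $vdir.psbase.Properties['AuthFlags'].Value
if ($null -eq $authValue) {
    throw "Could not read AuthFlags from $path (check the site ID and directory name)."
}
$auth = [int]$authValue
$ssl  = [int]$vdir.psbase.Properties['AccessSSLFlags'].Value   # an unset value reads as 0

# Decode the bitmasks into one readable record
$report = New-Object PSObject -Property @{
    Path        = $path
    Anonymous   = [bool]($auth -band $AuthAnonymous)
    Basic       = [bool]($auth -band $AuthBasic)
    WindowsAuth = [bool]($auth -band $AuthNT)
    RequireSSL  = [bool]($ssl  -band $AccessSSL)
}
$report | Format-List Path, Anonymous, Basic, WindowsAuth, RequireSSL

# Flag the two conditions described in the post
if (-not $report.WindowsAuth) {
    Write-Warning 'Windows authentication is off; this is the state the post found after enabling FBA.'
}
if (-not $report.RequireSSL -and ($report.Basic -or $report.WindowsAuth)) {
    Write-Warning 'Authentication is enabled but SSL is not required on this directory.'
}
```

Running it before and after enabling FBA shows whether the change altered the directory's authentication flags.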