Outlook 2000 over a VPN connection and MTU settings
Posted on 2002-06-03
We currently run Exchange server 5.5 over a Windows NT4.0 Server box, we use Sonicwall Pro as a firewall and the VPN client that comes with it for our VPN activities.
Anytime anyone connects to the network via VPN they can perform any operation that they want, browse the network, Internal web based applications, etc. They cannot however use Outlook 2000 to check their e-mail. You can see the e-mail server and you can even ping it and get a reply. If you open Outlook it sits there for a few minutes and then ask if you want to work offline.
I have done a substantial amount of research into the subject and it appears the Outlook over VPN is a problem for a lot of people. Apparently the main culprit is the ip packet size. The VPN’s addition of ipsec makes the packets to large for Exchange and Outlook to handle.
A possible fix I would assume is to go into Exchange Server or NT4.0 on the box all this sits on and lower the MTU value of NT or Exchange. My question is there any way to do this. I thought maybe TweekUI, but I can’t seem to find one for NT 4.0 server.
Also any thoughts or comments that I may be totally off base and there is another solution, I’m more than willing to entertain suggestions.