teddford1957
asked on
VPN, Lotus Notes + DSL...Can't send mail but can receive. Help!
I've got a big problem. I am in need of using my business network at home.
I use ADSL service from SW Bell and also use a VPN Dialer. I can log on with no problem and can read my Lotus Notes E-mail and even download attachments with no problems. The problem comes when I try to send any outgoing Lotus Note E-Mail. It hangs forever and them I get an error message that states "Network operation did not complete in a reasonable amount of time; please retry: mail.box"
I have researched this through my Lotus notes administrator and my network's IT department and they are all stumped. The IBM Forums offer little help as well. That's when I remembered the Experts Exchange. I found the most help here several years back and I'm hoping someone here has the knowledge to help me out.
Help!
I use ADSL service from SW Bell and also use a VPN Dialer. I can log on with no problem and can read my Lotus Notes E-mail and even download attachments with no problems. The problem comes when I try to send any outgoing Lotus Note E-Mail. It hangs forever and them I get an error message that states "Network operation did not complete in a reasonable amount of time; please retry: mail.box"
I have researched this through my Lotus notes administrator and my network's IT department and they are all stumped. The IBM Forums offer little help as well. That's when I remembered the Experts Exchange. I found the most help here several years back and I'm hoping someone here has the knowledge to help me out.
Help!
I saw a similar problem with Windows VPN, Outlook and SWbell DSL. We fixed it by reducing the packet size to reduce fragmentation. If your using a home router like linksys, you can make this change on the router. If your going straight to the DSL modem, your client OS will determine how you make the change....
ASKER
Morphis,
Do you mean adjusting the MTU size? If so, what would you suggest?
Thanks
Do you mean adjusting the MTU size? If so, what would you suggest?
Thanks
Exactly. It's worth a shot, try the smallest(576). Good luck....
ASKER
Morphis,
Well, I've tried and tried to no avail. If I go below 1050 on the MTU size, it won't even allow me into the VPN. I get disconnected. I've run from the lowest that you suggested and increased that number by intregals of 50 and just have no luck.
Any other suggestions?
Thanks
Well, I've tried and tried to no avail. If I go below 1050 on the MTU size, it won't even allow me into the VPN. I get disconnected. I've run from the lowest that you suggested and increased that number by intregals of 50 and just have no luck.
Any other suggestions?
Thanks
Not really, if you can ping the VPN server, try to determine if fragmentation is the problem with
"ping -f -n <number of pings> -l <size> <destination ip> "
ex: ping -f -n 1 -l 1472 198.170.120.1. Mess with the size until the packet is lost, that's when the MTU is too low. Then establish a VPN session and try to ping the mail server the same way and see if packet loss increases. Even if this is the problem, there's only a limited number of things you can do from the client side. If you find something, at least you'll have some ammo for dealing with your IT department. I'm sure they'll love you for it. : )
"ping -f -n <number of pings> -l <size> <destination ip> "
ex: ping -f -n 1 -l 1472 198.170.120.1. Mess with the size until the packet is lost, that's when the MTU is too low. Then establish a VPN session and try to ping the mail server the same way and see if packet loss increases. Even if this is the problem, there's only a limited number of things you can do from the client side. If you find something, at least you'll have some ammo for dealing with your IT department. I'm sure they'll love you for it. : )
This couldn't be a DNS hang, could it? Is the notes server able to properly resolve your VPN client IP (forward and back)? What happens if you try to telnet into the notes server on it's mail port, and just let it hang for 10-15 min or so? Do you get a response? Can you isolate (through use of sniffers) where the transfer is breaking down? Does this happen with any other protocols?
Remember, isolate, then solve.
Cheers,
-Jon
Remember, isolate, then solve.
Cheers,
-Jon
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This works. I was having *exactly* the same problem as you, lowered these two registry settings (per Q183229) to 800 each and now I can send Lotus Notes mail! Found this via Google and while I was suspicious at first, I'm a believer now. Thank you for the question teddford1957 and rmorphis and crusade1 for your spot on answers.
HKEY_LOCAL_MACHINE\System\ CurrentCon trolSet\Se rvices\Ndi sWan\Param eters:
IPMTU, REG_DWORD, 800 (decimal)
TunnelMTU, REG_DWORD, 800
HKEY_LOCAL_MACHINE\System\
IPMTU, REG_DWORD, 800 (decimal)
TunnelMTU, REG_DWORD, 800
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question:
I recommend: split between crusade1 and tryst
if there is any objection or other expert commentary to this recommendation then please post in here within 7 days.
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. https://www.experts-exchange.com/Community_Support/
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
thanks,
lrmoore
EE Cleanup Volunteer
---------------------
I will leave a recommendation in the Cleanup topic area that this question:
I recommend: split between crusade1 and tryst
if there is any objection or other expert commentary to this recommendation then please post in here within 7 days.
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. https://www.experts-exchange.com/Community_Support/
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
thanks,
lrmoore
EE Cleanup Volunteer
---------------------
>I recommend: split between crusade1 and tryst
I would include myself and morphis in that split as well. The poster never answered regarding any of the suggestions we four made near the end of the thread. In fact, I was the only one to suggest a non-MTU solution, which it seemed the poster was looking for (since he was seemingly attempting to rule out MTU as a problem)
Cheers,
-Jon
I would include myself and morphis in that split as well. The poster never answered regarding any of the suggestions we four made near the end of the thread. In fact, I was the only one to suggest a non-MTU solution, which it seemed the poster was looking for (since he was seemingly attempting to rule out MTU as a problem)
Cheers,
-Jon
Hi all
Just some more help on this whole VPN issue. We eventually dumped trying to create a VPN tunnel using our firewall software and decided to install a Windows 2000 server and utilizes the RRAS service in it.
This has worked flawlessly. There is no problems with people using outlook to send or receive e-mail. All network resources are accessible as well
There was one small tweak that we needed to do and this may help with some of the issues that people are having. We needed to create a local DNS server on the network, and then on the client machines go in to the TCP/IP protocol properties and tell it to search for the local DNS server.
We called Microsoft for the help it was WELL worth the $225 for the engineer to walk me through a local DNS server setup for VPN users.
Without the local DNS server, it’s not possible for your client computers to resolve unique network id’s
Also if you are using DHCP you will need to reserve a group of IP addresses for exclusive use by VPN users. I’d say 10 addresses are plenty, if you don’t then you can get some weird IP addresses issues when the client connects to the server.
Just some more help on this whole VPN issue. We eventually dumped trying to create a VPN tunnel using our firewall software and decided to install a Windows 2000 server and utilizes the RRAS service in it.
This has worked flawlessly. There is no problems with people using outlook to send or receive e-mail. All network resources are accessible as well
There was one small tweak that we needed to do and this may help with some of the issues that people are having. We needed to create a local DNS server on the network, and then on the client machines go in to the TCP/IP protocol properties and tell it to search for the local DNS server.
We called Microsoft for the help it was WELL worth the $225 for the engineer to walk me through a local DNS server setup for VPN users.
Without the local DNS server, it’s not possible for your client computers to resolve unique network id’s
Also if you are using DHCP you will need to reserve a group of IP addresses for exclusive use by VPN users. I’d say 10 addresses are plenty, if you don’t then you can get some weird IP addresses issues when the client connects to the server.
>Without the local DNS server, it’s not possible for your
>client computers to resolve unique network id’s
I think the beginning of that statement should read "Without a thorough understanding of DNS,"
In any case, this one is dead - I think crusade's comment underscores the relevance of my DNS suggestions (since it was DNS, and not MTU that eventually solved crusade's problem).
I stand by my recommendation regarding the pt split.
Cheers,
-Jon
>client computers to resolve unique network id’s
I think the beginning of that statement should read "Without a thorough understanding of DNS,"
In any case, this one is dead - I think crusade's comment underscores the relevance of my DNS suggestions (since it was DNS, and not MTU that eventually solved crusade's problem).
I stand by my recommendation regarding the pt split.
Cheers,
-Jon
Answered by crusade1 (seems to be spot on confirmed by tryst)
SpideyMod
Community Support Moderator @Experts Exchange
SpideyMod
Community Support Moderator @Experts Exchange