Solved

VPN, PIX, Exchange Server and Outlook

Posted on 2003-11-04
14
5,183 Views
Last Modified: 2013-11-16
Hello All,

I am trying to connect Outlook to my Exchange server after connecting remotely to my network via VPN on a PIX 501.

I can ping by name and ip, can connect to shares, but cannot resolve the name of the exchange server in outlook.

Thanks in advance for any assistance.

Cepolly
0
Comment
Question by:cepolly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +3
14 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 9686838
Outlook uses legacy NetBios hooks to Exchange.
Create yourself a LMHOSTS file with the Exchange IP address/name in it..
LMHOSTS
http://support.microsoft.com/default.aspx?scid=kb;en-us;314884
http://www.realcomputerguy.com/lmhosts.htm
http://www.labmice.net/networking/lmhosts.htm
0
 
LVL 1

Author Comment

by:cepolly
ID: 9687053
I don't think it's an LMHOSTS issue. I think its an authentication issue. I am running WindowsXP Pro on my own domain.

I can ping by name and ip. I can browse the network after I do a computer search for the PDC and receive the Master Browser list.

When I go into Outlook, I already have a profile that connects to an Exchange server. My local Exchange Server that is on my local domain. To get around this, I tried to set up a new profile in Outlook for the remote username, Exchange server and domain. When I click on 'check name', I get an Exchange/Outlook prompt and regardless of what user/pw/domain combination I use, I get a 'bad logon credentials' message.

Cepolly.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9687280
Be sure to include the PDC in the LMOSTS file.
At least try it before you rule it out.

It works perfectly fine while you are on the local lan, logged in with a domain or a local account, but does not work over VPN when logged in to a local account?
Does your VPN client get the correct WINS/DNS servers from the PIX?
I've been there, done that, and the answer is always the same - LMHOSTS...
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 2

Expert Comment

by:TomCRiley
ID: 9687510
When you ping by name, does the ping response tack your domain name onto the host name that you are trying to ping?  I have had some success with adding a static WINS server in the IP config of the client PC.  I would try that or do as lrmoore suggests with the lmhosts file.

Tom
0
 
LVL 1

Author Comment

by:cepolly
ID: 9687983
No i get a normal internal response:

Pinging ***pms [192.168.1.3] with 32 bytes of data:

Reply from 192.168.1.3: bytes=32 time=122ms TTL=128
Reply from 192.168.1.3: bytes=32 time=115ms TTL=128
Reply from 192.168.1.3: bytes=32 time=113ms TTL=128
Reply from 192.168.1.3: bytes=32 time=112ms TTL=128
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9687999
If the server's real IP is 192.168.1.3, and you go home to a broadband connection to make the VPN connection, is your home local lan also 192.168.1.x ?

0
 
LVL 1

Author Comment

by:cepolly
ID: 9688417
Yes my local lan is 192.168.1.0 as well.

0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 9688449
That's your problem. Try changing your local LAN to something else like 192.168.2.x..
0
 

Expert Comment

by:PrashantArpana
ID: 9693255
What I think you should do is ethier do a subnetting and make your subnets different i.e. at home and at your server because generally there are problems with the router if you are pining or connecting to the networks having same subnet.


Please try this and let me know if it works
0
 
LVL 2

Expert Comment

by:TomCRiley
ID: 9693986
Now that Prashant has repeated what lrmoore said, we can continue.
0
 
LVL 1

Author Comment

by:cepolly
ID: 9694625
LOL.

Thanks Lrmoore and Tom.

I am still testing and will get back to you with results.
0
 
LVL 1

Author Comment

by:cepolly
ID: 9712211
Thanks Lrmoore. That was it. I tried it on other PC's without domains and the VPN with Outlook/Exchange worked like a charm.

Thanks again.

Cepolly
0
 

Expert Comment

by:highlander1969
ID: 9842779
Well done Lrmoore!!! :-)

I've spent 2 months struggling with Outlook via vpn access from home pcs (on adsl broadband) to our company Exchange Server. Some home PCs it worked, others not. Changing my local Lan to 192.168.2.x  has fixed this for me. I no longer have to use Outlook Web Access.

The thing that baffled me was that VPN connection always worked a treat and I could do everything I wanted to remotely apart from use Outlook. I was assuming (incorrectly) that it was something to do with ports e.g. firewall blocking special ports Exchange/Outlook used. I've looked for answers to this question all over the net and tried a load of other things - but yours is the only one that worked.

Thanks again

Highlander1969
0
 
LVL 3

Expert Comment

by:hehewithbrackets
ID: 10347945
Could someone be so kind as to post their working config?  For some reason, I cannot get this to work when my remote network is on a different subnet.
0

Featured Post

Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question