Exchange Messenger over VPN

Hi,

We have an Exchange Server 2000 SP3 running in our main office.  It is running on a 192.168.1.x network.  We have some field offices connected through a Cisco VPN back to our office, and they are using 192.168.2.x, 192.168.3.x etc.

Although Messenger (Ver5.0) works great inside our main office lan, whenever we try to use it at a remote site it will sign in but not allow us to send messages either way.  It just says the message could not be deleivered.

It may also be worth mentioning the PCs at the remote sites are not part of the main domain, but are part of a local workgroup.
LVL 7
sr_millarAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

IsigowCommented:
Does the VPN have Netbios forwarding running correctly? (can you ping a machine name and it works?)

Isi
0
sr_millarAuthor Commented:
No, I cannot ping the machine by name - only by IP address.  Although my VPN is pointing clients to the DNS server on my main site they are not resolvable or registering themselves with DNS.  Could this affect Messenger?  I have not configured anything with Netbios....

Many thanks.
0
p_sieCommented:
Maybe try adjusting the Subnetmask settings to 255.255.0.0 !
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

IsigowCommented:
Most likely Messenger uses netbios to resolve target names if thats the one thing your missing with the vpn and thats the one thing your having problems with. The other option is that messenger uses general broadcasts to contact it targets and thus since you are on 2 different subnets at your different sites, it isnt going through.
Options are as far as I see them, if it is a netbios problem, install a WINS server on all sites (usually the DC works fine) WINS and WINS Proxy will fix your netbios problems. Using a Spoked WINS pattern from your central office would be simple and easy to impliment.
The other option is to go with a 255.255.254.0 subnet on both sites (actually just adjust the subnet for the number of sites you have, but hopefully you get the idea that this would be for 2 sites, and see if that fixes the problem.
I suppose the easiest however would be to answer the question on how exchange messenger communicates, either netbios or general broadcast. Suppose I can find out when I get to work.

Isi
0
sr_millarAuthor Commented:
Isi,

Many thanks - I will try the Wins stuff today.  I thought it might be NAT as I am "Nating" on the outbound connection and then back in at the remote site and thought messenger might be getting confused with that - plus the VPN might be an issue.

Right now both sites are using a subnet of 255.255.255.0 - one is 192.168.1.x and the other is 192.168.2.x.  Both are using a Cisco 1700 series router to create the VPN (IPSEC) tunnel to see each other.

If I use .NET messenger from either site using a passport account I can exchange messages with PCs on that site no problem, however when I use messenger with my Exchange infrastructure it gets upset.

Thanks

0
IsigowCommented:
Here we are:
http://www.microsoft.com/technet/prodtechnol/winxppro/evaluate/insid01.mspx
Title: 'Inside windows Messenger, How it communicates'

Isi
0
sr_millarAuthor Commented:
Ok, I tried setting up the Wins, and also setting the DHCP scope to be in my domain and now we can IM from the remote office 192.168.2.x to the main office, but if I reply from the main office it returns the message could not be delivered.

I am convinced it may be something to do with NAT and I may have to do a port mapping somehow....
0
IsigowCommented:
Does the main office have WINS and is replicating to your WINS?
If your WINS fixed the problem in one direction, then something just might be wrong with their WINS to fix it the alternate direction

The thing about NAT is, your VPN Software/Firewall/Router config should take care of all NAT issues. When packets leave your site they are translated via your software to your external address, and then retranslated when comming back through.
If the DNS and WINS are configured correctly in a VPN then NAT usually has very little to do with errors (although depending on how the software is written I may be way off)

My thought is still, that if you configured WINS and DHCP (and/or DNS) and it fixed the problem partially, then continuing on that track will most likely fully fix the problem

Isi
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sr_millarAuthor Commented:
Isi,

Just as I thought the Wins settings were incorrect on the DHCP scope, I fixed that and it started working.  many thanks for pointing me in th eright direction
0
IsigowCommented:
quite welcome
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.