Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Unable to connect to Exchange 2003 Server through VPN.

Posted on 2004-09-24
12
Medium Priority
?
1,874 Views
Last Modified: 2012-08-13
My CEO...being very picky about everything, wants to be able to access her e-mail on her laptop from anywhere in the United States.  We have a Verizon 1xEVDO Airprime CDMA Wireless modem express network card that provides her access to the internet.  We have a SonicWall firewall at work that we have setup a connection to using the SonicWall VPN Client software.  It connects to our file server fine...called NTFSROOT.  When I ping this it gets a reply of about .5seconds each time...not bad.  HOWEVER...when I PING the exchange server, which we call NTFSROOTB, it will not ping at all and reply back with "Ping request could not find host ntfsrootb.  Please check the name and try again."  HOWEVER...when I ping using the IP address...192.168.0.15, it pings successfully.  When this occured, I went into the e-mail properties of Outlook 2003, and changed the Microsoft Exchange server to point to 192.168.0.15 instead of NTFSROOTB.  When I select finish, then go back to double check the settings, the Exchange Server settings go back to the NTFSROOTB, instead of the IP address.  The error I get when attempting to connect to Microsoft Outlook 2003, is "Task 'Microsoft Exchange Server' reported error (0x8004011D): 'The server is not available.  Contact your administrator if this condition persists.'"  I have "Use Cached Exchanged Mode" UN-checked.  
0
Comment
Question by:spyder1125
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
12 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 12147150
Simple solution. Add a LMHOSTS file with three entries, 1 for the Exchange server, two for the domain controller, and put this LMHOSTS file on the laptop..

How to Write an LMHOSTS File for Domain Validation and Other Name Resolution Issues
http://support.microsoft.com/support/kb/articles/Q180/0/94.ASP 
0
 
LVL 2

Expert Comment

by:etsolow
ID: 12147350
Or fix your DNS problem...
0
 
LVL 6

Expert Comment

by:JRaster
ID: 12147710
Get her a blackberry, setup the blackberry enterprise server, then she can get her email and calander from anythere there is cell phone service.  
0
Looking for a new Web Host?

Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.

 
LVL 104

Expert Comment

by:Sembee
ID: 12147900
The problem is name resolution. You don't need to use an LMHOSTS file - it is perfectly possible to get it working without going that far.
After you have connected to the VPN see what DNS information is being set. This should be your internal servers. If it isn't - or you aren't getting any at all then you need to look at the VPN config.

However if it is just email, and she has a Windows XP laptop, and you are on a Windows 2003 AD, then why not use RPC/HTTP? Get a cheap certificate from FreeSSL.com, a bit of tweaking and voila - access to email, and a secure OWA as well.

Simon.
0
 

Author Comment

by:spyder1125
ID: 12163703
The DNS information that I am getting when I do an ipconfig/all is not of my network....it must be that of Verizon on the PPP Connection of card, however in the Windows IP Configuration, the first one listed, it shows proper primary dns suffix and DNS suffix search list.  I'm not even sure if it is a true VPN setup on the laptop.  All that is setup is the SonicWALL VPN client....when I go into the program, the Security Policy Editor comes up...it lists a bunch of connections, 8 of them each under the GroupVPN category.  
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12168793
The sonicwall VPN client might be getting DNS information from the sonicwall device itself. Most firewall devices have the ability to put DNS server information in to the their configuration, so it that device that I would look at next.
If you are not getting valid DNS information for your client machines then you need to see where that information is coming from.

Simon.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12170816
This is exactly why I suggested the LMHOSTS file.
Try it, you'll like it...
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12171098
LMHOSTS files are fine until you have to change the IP address of the Exchange server or something else changes with the network configuration. Then everything goes wrong.

I inherited a site where hosts or LMHOSTS files had been put on some machines - not all - and not documented. Caused a complex migration to Exchange 2003 to overrun by 3 weeks while all the machines were found and corrected. They now all run on DNS quite happily.

Simon.
0
 

Author Comment

by:spyder1125
ID: 12173170
Thank you everyone for your input...I followed the LMHOSTS idea file...it was the easiest, Sembee even though your idea was just as good, it of course required buying something, and the IP address of the Exchange server won't be changing anytime soon, so for now this will suffice.  I am now able to connect to the exchanger server and receive e-mail....however it takes a long time....I haven't let it finish yet, but it started at 3 minutes remaining, then 7, then 11, now its up to 16....is there anything I can do about this, I dont think the CEO would like to wait such a long time to receive her e-mail.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 12175779
Did you pay attention to the spacing requirement in the domain controller line of the LMHOSTS file?
Using XP:

indows 2000/XP is using the extra time to search the remote computer for any Scheduled Tasks.
Note that though the fix is originally intended for only those affected, Windows 2000 users will experience
that the actual browsing speed of both the Internet & Windows Explorers improve significantly after applying it
since it doesn't search for Scheduled Tasks anymore.
Here's how :

Open up the Registry and go to :

HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Explorer/RemoteComputer/NameSpace

Under that branch, select the key :{D6277990-4C6A-11CF-8D87-00AA0060F5BF} and delete it.

This is key that instructs Windows to search for Scheduled Tasks.
If you like you may want to export the exact branch so that you can restore the key if necessary.

This fix is so effective that it doesn't require a reboot and you can almost immediately determine yourself how much it speeds up your browsing processes.

-------------
Windows XP automatically searches the network for shares and printers upon connecting to the network. This is probably useful in a SOHO or home network but not the enterprise. To disable XP automatic discovery:
In Explorer, click Tools
Click Folder Options
Click the View tab,
Uncheck Automatically Search for Network Folders and Printers in Advanced settings list.

--------------

If there are NT4.0 or any other pre-Windows 2000 PCs on the LAN, XP will transmit your password to the pre-Windows 2000 PCs during its share and print search. It transmits the LM hash which is significantly weaker than XP or Windows 2000 hashes. In order to protect the LM hash, XP has a registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\NoLMHash which if set to 1 will prevent XP or Windows 2000 from generating the LM hash. pwdump will not be able to acquire the LM hash, which is a good thing.

 
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12327003
Protest has been posted in the CS question thread
0

Featured Post

ATEN's HDBaseT Presentation at InfoComm 2017

Hear ATEN Product Manager YT Liang review HDBaseT technology, highlighting ATEN’s latest solutions as they relate to real-world applications during her presentation at the HDBaseT booth at InfoComm 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question