dhienzsch
asked on
Bandwidth Requirements for Exchange 2003 / Outlook 2003 over VPN...
I have a company that is attempting to connect a laptop to their Domain / Exchange 2003 server via a simple IPSEC PPTP VPN. The VPN establishes connectivity with no issue and they can ping all they want to the systems back at HQ (ping latency ~60 - 120 ms). OWA without the VPN works like charm; no perceptible latency at all from the user's perspective.
Here are the problems:
1. Outlook 2003 (not caching) opens initially without issue but immediately begins attempting to communicate with the Exchange 2003 server and seems unable to connect.
2. Attempting to browse the network / shares is either rediculously slow or results in timeouts after very long delays.
Here are the specs...
1. Exchange and File Server: MS Small Business Server 2003
2. Exchange Client: Outlook 2003 (non-caching mode)
2. Remote Bandwidth: Residential DSL broadband
3. HQ Bandwidth: Commercial DSL with speeds listed as 1.5mb to 6.0 mb down and 384mb up.
4. Remote VPN client: Standard VPN connection client in Windows XP (fully patched and service packed)
5. HQ VPN Hardware: Fortinet FortiGate 100 VPN / Firewall
I am running relatively the same configuration elsewhere (Exchange 2003 / Outlook XP) with the same VPN configuration and the only difference is that the HQ bandwidth is a full T1 rather than a DSL connection.
I downloaded the bandwidth report on Exchange 2003 and Outlook from Microsoft and read through it but it mostly talks about RPC over HTTP which doesn't solve my network browsing issue and if Bandwidth truly is the problem here, wouldn't solve the problem anyway.
Is the HQ DSL connection the issue here? Or is software more likely the issue?
Bonus points for thorough well thought out responses :)
Here are the problems:
1. Outlook 2003 (not caching) opens initially without issue but immediately begins attempting to communicate with the Exchange 2003 server and seems unable to connect.
2. Attempting to browse the network / shares is either rediculously slow or results in timeouts after very long delays.
Here are the specs...
1. Exchange and File Server: MS Small Business Server 2003
2. Exchange Client: Outlook 2003 (non-caching mode)
2. Remote Bandwidth: Residential DSL broadband
3. HQ Bandwidth: Commercial DSL with speeds listed as 1.5mb to 6.0 mb down and 384mb up.
4. Remote VPN client: Standard VPN connection client in Windows XP (fully patched and service packed)
5. HQ VPN Hardware: Fortinet FortiGate 100 VPN / Firewall
I am running relatively the same configuration elsewhere (Exchange 2003 / Outlook XP) with the same VPN configuration and the only difference is that the HQ bandwidth is a full T1 rather than a DSL connection.
I downloaded the bandwidth report on Exchange 2003 and Outlook from Microsoft and read through it but it mostly talks about RPC over HTTP which doesn't solve my network browsing issue and if Bandwidth truly is the problem here, wouldn't solve the problem anyway.
Is the HQ DSL connection the issue here? Or is software more likely the issue?
Bonus points for thorough well thought out responses :)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The MTU needs changing on the client workstations, not the routers. XP should autonegotiate, but it's worth checking regardless.
There is this too, to do with SMB server signing, that may slow things down:
http://support.microsoft.com/default.aspx?scid=kb;en-us;814112
When your VPNd in, does the routing work properly - ie are packets taking a long way round to get back out ?
There is this too, to do with SMB server signing, that may slow things down:
http://support.microsoft.com/default.aspx?scid=kb;en-us;814112
When your VPNd in, does the routing work properly - ie are packets taking a long way round to get back out ?
ASKER
After doing some careful testing I believe this problem is finally related to bandwidth restrictions due to DSL connections on both ends.
ASKER
The system is built from the ground up as a Windows XP / Windows 2003 system with no support for WINS / LMHOSTS. As it is DNS only I could use HOSTS files but I don't think name resolution is the issue or Outlook wouldn't launch in the first place nor would you ever be able to browse the networkin any fashion.
However, the subject of MTU's looks as though there may be something there. The Netopia router that was provided by their DSL carrier has the MTU set to 1500 as does the Fortigate Firewall. Should the MTU require modification, I imagine it would need to get bumped down at both locations?
I will need to do some testing as per the instructions listed in the FAQ 695 URL listed above.
Thanks for the advice... it will take me a couple of days to get the testing done as everything is remote and the users technically illiterate (as in "How do you spell PING"). I'll get back to you with the results.