Bandwidth Requirements for Exchange 2003 / Outlook 2003 over VPN...

I have a company that is attempting to connect a laptop to their Domain / Exchange 2003 server via a simple IPSEC PPTP VPN.  The VPN establishes connectivity with no issue and they can ping all they want to the systems back at HQ (ping latency ~60 - 120 ms).  OWA without the VPN works like  charm; no perceptible latency at all from the user's perspective.

Here are the problems:
1.  Outlook 2003 (not caching) opens initially without issue but immediately begins attempting to communicate with the Exchange 2003 server and seems unable to connect.
2.  Attempting to browse the network / shares is either rediculously slow or results in timeouts after very long delays.  

Here are the specs...
1.  Exchange and File Server:  MS Small Business Server 2003
2.  Exchange Client:  Outlook 2003 (non-caching mode)
2.  Remote Bandwidth:  Residential DSL broadband
3.  HQ Bandwidth:  Commercial DSL with speeds listed as 1.5mb to 6.0 mb down and 384mb up.
4.  Remote VPN client:  Standard VPN connection client in Windows XP (fully patched and service packed)
5.  HQ VPN Hardware:  Fortinet FortiGate 100 VPN / Firewall

I am running relatively the same configuration elsewhere (Exchange 2003 / Outlook XP) with the same VPN configuration and the only difference is that the HQ bandwidth is a full T1 rather than a DSL connection.

I downloaded the bandwidth report on Exchange 2003 and Outlook from Microsoft and read through it but it mostly talks about RPC over HTTP which doesn't solve my network browsing issue and if Bandwidth truly is the problem here, wouldn't solve the problem anyway.

Is the HQ DSL connection the issue here?  Or is software more likely the issue?

Bonus points for thorough well thought out responses :)
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tim HolmanCommented:
This sounds like a name resolution problem - can you successfully nslookup the mail server from the PPTP client ?

Alternatively, I would suggest LMHOSTS, but this is only valid for NT/2000, and not SBS 2003 (unless you have backward compatability installed)?

Also verify MTU:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dhienzschAuthor Commented:
I checked name resolution via nslookup and have no issues.  The domain name (companyname.local) can be resolved as well as workstations (workstationname.companyname.local) and the server (servername.companyname.local).

The system is built from the ground up as a Windows XP / Windows 2003 system with no support for WINS / LMHOSTS.  As it is DNS only I could use HOSTS files but I don't think name resolution is the issue or Outlook wouldn't launch in the first place nor would you ever be able to browse the networkin any fashion.

However, the subject of MTU's looks as though there may be something there.  The Netopia router that was provided by their DSL carrier has the MTU set to 1500 as does the Fortigate Firewall.  Should the MTU require modification, I imagine it would need to get bumped down at both locations?

I will need to do some testing as per the instructions listed in the FAQ 695 URL listed above.

Thanks for the advice... it will take me a couple of days to get the testing done as everything is remote and the users technically illiterate (as in "How do you spell PING").  I'll get back to you with the results.
Tim HolmanCommented:
The MTU needs changing on the client workstations, not the routers.  XP should autonegotiate, but it's worth checking regardless.

There is this too, to do with SMB server signing, that may slow things down:;en-us;814112

When your VPNd in, does the routing work properly - ie are packets taking a long way round to get back out ?
dhienzschAuthor Commented:
After doing some careful testing I believe this problem is finally related to bandwidth restrictions due to DSL connections on both ends.  
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.