[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Bandwidth Requirements for Exchange 2003 / Outlook 2003 over VPN...

Posted on 2004-12-01
Medium Priority
Last Modified: 2007-12-19
I have a company that is attempting to connect a laptop to their Domain / Exchange 2003 server via a simple IPSEC PPTP VPN.  The VPN establishes connectivity with no issue and they can ping all they want to the systems back at HQ (ping latency ~60 - 120 ms).  OWA without the VPN works like  charm; no perceptible latency at all from the user's perspective.

Here are the problems:
1.  Outlook 2003 (not caching) opens initially without issue but immediately begins attempting to communicate with the Exchange 2003 server and seems unable to connect.
2.  Attempting to browse the network / shares is either rediculously slow or results in timeouts after very long delays.  

Here are the specs...
1.  Exchange and File Server:  MS Small Business Server 2003
2.  Exchange Client:  Outlook 2003 (non-caching mode)
2.  Remote Bandwidth:  Residential DSL broadband
3.  HQ Bandwidth:  Commercial DSL with speeds listed as 1.5mb to 6.0 mb down and 384mb up.
4.  Remote VPN client:  Standard VPN connection client in Windows XP (fully patched and service packed)
5.  HQ VPN Hardware:  Fortinet FortiGate 100 VPN / Firewall

I am running relatively the same configuration elsewhere (Exchange 2003 / Outlook XP) with the same VPN configuration and the only difference is that the HQ bandwidth is a full T1 rather than a DSL connection.

I downloaded the bandwidth report on Exchange 2003 and Outlook from Microsoft and read through it but it mostly talks about RPC over HTTP which doesn't solve my network browsing issue and if Bandwidth truly is the problem here, wouldn't solve the problem anyway.

Is the HQ DSL connection the issue here?  Or is software more likely the issue?

Bonus points for thorough well thought out responses :)
Question by:dhienzsch
  • 2
  • 2
LVL 23

Accepted Solution

Tim Holman earned 2000 total points
ID: 12729265
This sounds like a name resolution problem - can you successfully nslookup the mail server from the PPTP client ?

Alternatively, I would suggest LMHOSTS, but this is only valid for NT/2000, and not SBS 2003 (unless you have backward compatability installed)?


Also verify MTU:


Author Comment

ID: 12729775
I checked name resolution via nslookup and have no issues.  The domain name (companyname.local) can be resolved as well as workstations (workstationname.companyname.local) and the server (servername.companyname.local).

The system is built from the ground up as a Windows XP / Windows 2003 system with no support for WINS / LMHOSTS.  As it is DNS only I could use HOSTS files but I don't think name resolution is the issue or Outlook wouldn't launch in the first place nor would you ever be able to browse the networkin any fashion.

However, the subject of MTU's looks as though there may be something there.  The Netopia router that was provided by their DSL carrier has the MTU set to 1500 as does the Fortigate Firewall.  Should the MTU require modification, I imagine it would need to get bumped down at both locations?

I will need to do some testing as per the instructions listed in the FAQ 695 URL listed above.

Thanks for the advice... it will take me a couple of days to get the testing done as everything is remote and the users technically illiterate (as in "How do you spell PING").  I'll get back to you with the results.
LVL 23

Expert Comment

by:Tim Holman
ID: 12745791
The MTU needs changing on the client workstations, not the routers.  XP should autonegotiate, but it's worth checking regardless.

There is this too, to do with SMB server signing, that may slow things down:


When your VPNd in, does the routing work properly - ie are packets taking a long way round to get back out ?

Author Comment

ID: 12913593
After doing some careful testing I believe this problem is finally related to bandwidth restrictions due to DSL connections on both ends.  

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses
Course of the Month19 days, 20 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question