Outlook 2003 works intermittently over VPN then hangs on "Trying to Connect"

I am running a SBS2003 network and have several remote workers, all on XP-SP2 running Outlook 2003. We never used to have any problems before running an SBS2000 server with Outlook 2000. One of the users cant connect to Exchange server at all while the other can connect but will sometimes phone to say he cant. Internet and network drives are fine for both users over VPN. The client that cant connect is on BT broadband and the client that can is on BlueYonder. We have another remote worker starting soon and this problem needs to be sorted ASAP. It is really causing me a headache!!! I have tried reducing the MTU of the workers router from 1500 down to 1492 but to no avail. The IP address of our server is 10.0.0.1.

Please help
s_j_bellAsked:
Who is Participating?
 
rsivanandanConnect With a Mentor Commented:
Just 2 things. One DNS resolution, second being the MTU => always have problems with Outlook.

Steps to do if you are interested;

1. First determine the MTU size for your VPN connection as below;

Command Prompt->'ping <IPOfSBSServer> -l 1400 -f' after connecting to VPN.

  This will say can't do since don't fragment bit is set. So start reducing the 1400 to lower values and keep pinging. You will reach a stage where you can ping sucessfully. Then that is your optimal Path MTU over the VPN. Set this value as your MTU on the windows machine. How to do that? Check this link;

http://www.winguides.com/registry/tweaks.php/WindowsXP/

  You'll have to go to the registry key mentioned there and change it. With Cisco VPN Client and PIX, my optimal value for my users is 1300.

2. Add an entry in your hosts file to resolve the FQDN of mail server. This is a headache most of the times.

  So go to C:\windows\system32\drivers\etc, get the hosts file, edit it and add the ip address of the mail server as below;

x.x.x.x  fqdn

 Save the file and then try connecting again after rebooting the machine.

Cheers,
Rajesh



0
 
cogitCommented:
Can the user ping the mailserver ip address or  by name .

0
 
r_naren22atyahooCommented:
change back the MTU to 1500
and use the ip address of the exchange server instead of the computer name in the outlook profile
i assume you are using the LAN ip address for the exchange server!!! let me know if not
and also is it a TCP/IP connection for the exchange or the RPC/HTTP connection for the outlook??

regards
Naren
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
s_j_bellAuthor Commented:
She was getting Request timed out


The Outlook profile is set to use the FQDN name (server1.xxxxxxxxxxx.com) which is what all the mobile users are set to use.  If I enter the server IP address, when you click check name, it just replaces it with the FQDN of the exchnage server. The connection it uses is a TCP/IP connection, I have tried to use RPC/HTTP but have not got it working yet. I've actually got the user to return her laptop today by courier so I will change the MTU back to 1500. I thought Outlook didn't like a value of 1500???
0
 
r_naren22atyahooCommented:
server1.xxxxxxxxxxx.com

when you ping server1.XXXX.com on your office LAN
what ip address you get.

when you ping server1.XXXX.com from a VPN user
what ip address you get.


VPN users have to use the server name as
servername.domainname.local (unless you use split DNS, i.e. internal and external is domanname.com

regards
Naren
0
 
s_j_bellAuthor Commented:
Naren

Pinging from within the office I get 10.0.0.1
Pinging from a VPN user I get 10.0.0.14 request timed out. 4 packets sent, 4 packets lost

Regards

Stuart
0
 
r_naren22atyahooCommented:
??????

both pings should get same ip address

10.0.0.1 looks like a gateway address.....

what is you actual exchnge server ip address???

is ping blocked for the PVN users???

what is your local domain name and external domain name are they same???
0
 
s_j_bellAuthor Commented:
Server internal IP is 10.0.0.1

Server name is server1

Netbios Domain is organix

AD Domain is organixbrands.com
0
 
georgecooldudeCommented:
http://www.petri.co.il/ports_used_by_exchange.htm

Add these ports to ur allowed list. Then do a netstat command from command prompt. What is the status of stuff. Post it here. Make sure TCP 88 is open for kerboros
0
 
r_naren22atyahooCommented:
OK you are using the Same domain name for inside and outside.

However your issue is
why you are gettings different ip address
when you ping the exchange server locally and with VPN user.
You have to find out that
you also need to know 10.0.0.14 to which server it belongs too
is ping blocked for the VPN users???
0
 
georgecooldudeCommented:
you have enabled DNS ports over vpn right?
0
 
s_j_bellAuthor Commented:
I think so, the fact is it was working fine before, I haven't changed anything on the server so there should be no reason why this should be happening. Do you think it could be a client issue as I currently have a VPN cllient connected to the server working fine, using Outlook, Internet and shared drives, all OK. It is only this one user that has problems and sometimes those problems will be felt by the other users but generally it is only this one user that has any problems with connecting her Outlook.
0
 
r_naren22atyahooCommented:
check is she using the static DNS addresses????
make it dynamic....

if her connection is ADSL, she must be having a firewall , but that shouldnt effect...
to remove that issue give her a temp dialup account and ask her to connect.
reghost her laptop.

regards
naren
0
 
s_j_bellAuthor Commented:
Rajesh your a star!!!!

I'd already got her working on Monday morning after receiving her laptop in the post and re installing just the programs she needs and gutting all the crap that ends up on a laptop of a remote worker.  But this stopped on Monday afternoon and didnt work till now. I didn't go through the MTU settings though, after setting the address within the hosts file it was working so I'd thought 'd leave it there, this is something that I will look into though at a later stage!!!
0
 
rsivanandanCommented:
:-)

Glad you got it working though. I'm pretty sure you will have to adjust the MTU size at some stage but you can remember this though. Outlook just needs these 2 injections, it will work like a charm :-)

Thnx for the points.

Cheers,
Rajesh
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.