Here is the environment:
3 Windows XP SP2 users that are having a problem maintaining a connection from Outlook 2003 to Exchange 2K3 SP2 Server.
1 Windows XP SP2 user that cannot add his mailbox in Outlook 2003 to our Exchange server.
2 of the users who are having connection issues and the user who cannot add his mailbox are in the same AD site.
The other user having connection issues is in a different site and is the only one to report a problem.
These problems began more than 1 month ago, after the Exchange server physically moved to a new location. I did not handle anything involving setting up the firewall or creating the new AD site where our Exchange server ended up. Senior admins took care of those things.
I ran Ethereal from the AD site where 3 of the users are having problems. I remotely accessed a computer in that site, logged on with my profile and tried to add my mailbox. When I clicked on Check name, I began running Ethereal until it gave me an error.
While Ethereal was running on that computer, we also set up a mirror port of the Exchange server on our switch, installed Ethereal on a little-used machine and ran a capture. So both captures were running at the same time.
The only changes made when the Exchange server moved were to the firewall (newer software) and the new AD site. Our senior admin tells me that any firewall rules don't apply to the site links.
Back to the capture. The client makes the handshake with the Exchange server (SYN, SYN ACK, ACK), but on the last part it states TCP checksum incorrect.
The client sends a DCERPC Bind: call_id: 1 accept max_xmit : 5840 max_recv: 5840.
The EX server responds DCERPC Bind_ack: call_id: 1 accept max_xmit: 5840 max_recv: 5840
The client sends an EPM map request
It sends another EPM map request, but this time TCP Retransmission is in brackets.
The EX server sends another DCERPC call as above but TCP Retransmission is in brackets.
The client then makes the EPM map request several more times (all with TCP Retransmission and one that's a TCP Dup Ack).
The next series are ICMP echo requests.
The Exchange server replies with a SYN, ACK microsoft-ds.
There is a lot more. Needless to say I am new to translating this info and need help! I will be happy to provide more, I just need someone to point me in the right direction.