Outlook 2003 is disconnected through VPN

Server: Windows Server 2003 Small Business Server
Client PC: Windows XP SP2 running Office 2003 with all M$ updates.
VPN Connection: Two Linksys RV042 VPN routers connecting to each other (Static IP to Static IP)

The client PC is connecting to the server over the VPN. Sometimes when he opens Outlook it shows the status as "Disconnected". Outlook is running in cached mode and needs to continue running in cached mode. Other users at the same site are able to access the server just fine. He can ping the server and browse to it via network places.

If I restart the Information Store on the exchange server he is able to connect again instantly.

Steps taken:
- Found an article that a M$ patch limited the TCP connections from 50 to 10. Ran another patch to allow 50 connections again.
- Added the local IP and server name to the Hosts file.
- Updated NIC drivers
- Adjusted MTU settings in the router

Who is Participating?

Improve company productivity with a Business Account.Sign Up

kristinawConnect With a Mentor Commented:
do you 9646 events for this user in your event viewer?
is this sbs server windows 2003 sp2?
if yes to the above, see here

and at minimum, start by doing the netsh command to disable the tcp chimney

za_mkhConnect With a Mentor Commented:
Oh you will find this very interesting ... I had a similar problem with only one user. It took a month to resolve. This person had a dogdy wireless connection at home which was being dropped being disconnected while connected via the VPN. This mean that the Exchange server started adding up the connections until she hit the limit you mention above.

If you open System Manager, you will find this person has lots of connections running in the store on which the mailbox is hoted.

You should find a similar message in your exchange error logs:
Event ID 9646: Mapi Session "/O=xxx/OU=xxx/cn=Recipients/cn=xxxx" exceeded the maximum of 32 objects of type "session"
Doing a search on the internet, lots of people have experienced this error and there are a few MS KB articles on this where they say you have to change some settings that were implemented as of Exchange 2003 SP1.
Essentially, this cause of the problem is that Exchange thinks that a MAPI client has created too many connections and as a result thereof does not allow any more MAPI connections to be made. An outlook connection should use between 1 and 5 connections. Apparently this problem mainly occurs when the user is connecting via a VPN connection and the firewall, firewall client, sometimes blocks the connections and the outlook sessions are not TERMINATED properly. So Exchange thinks users are still connected and allows connections until 32 connections are reached and then will not allow any more.
Thats why restarting Exchange solves the problem.

To solve this problem for this user, download the sysinternals tool called TCPView and run it on your MX server. You will see a whole bunch of connections. Work out the IP address this user is receiving when connected to the VPN, and then using TCP view terminate all sessions to that IP address. Voila problem solved. I had to do this for a while until I got her to buy a new wireless router at home!

Hope this helps
HopperSIAuthor Commented:
Thanks for the advice

Kristina, the server is SBS 2003 SP2 and I do see 9646 events poping up.

MKH, You may be on to something with the system losing connection.

The PC is hard wired into the network and it seemed like I was able to ping the server just fine. However, when I pinged the server 100 times I had anywhere between 4-11% loss.

I am going to reboot the router after hours tonight to see if things improve.

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

Good stuff. I decided not to change any of my Exchange Server's settings, especially since it only affected one user and it meant I had to resolve the issue at the cause.

The reason it took one month for me to work it out was due to the fact that we had only just migrated to AD from NT4 and I thought our migration had gone slightly awry - was looking in the wrong place altogether.
HopperSIAuthor Commented:
It has been two solid weeks without a disconnect. Restarting the clients router seemed to do the trick. He is now receiving 0% loss when he continuously pings the server over the VPN.
za_mkh thank you for pointing out TCPview.....that program is great.

Since my company relies on email to the point of absurdity i could never restart and the only way i could fix this problem when it occationally came up was to migrate the user's mailbox to another mailstore.

 No longer, your solution (using TCPview to close out the open TCP/MAPI connections) works brilliantly....I tip my hat to you.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.