Avatar of pfarber22
pfarber22 asked on

Outlook coneection is very slow and unstable from a remote office

Users in one of the remote offices with less than 5 users connected to the main office Exchange 2003 in the online mode via Windows VPN contantly experience problems. Connection is either slow or even breaks. ISP is Verizon ADSL, 3 Mbs. The company has other offices that are connected in a similar way don't report problems.
I am trying to get to the bottom of this as email is vital for that office. Calling Verizon always gives me: "Out connection is fine"
In the end of the day, I need to produce hard evidence (I would prefer graphical view) on the cause of the problem. I don't mind buying a modestly priced traffic-monitoring sofware as ong it can show traffic utilization over time per protocol, host, dropped packets/connections, etc.

Thanks in advance!
ExchangeOutlookNetwork ManagementVPN

Avatar of undefined
Last Comment
andy_deru

8/22/2022 - Mon
leibinusa

try using public IP address to access mail server from the remote site, to see if it can make difference. For ADSL, 3Mbs just mean downstream speed, the upstream may be just 500Kbs. keep that in mind.

For bandwith usage monitoring, you can use wireshark, whic is free.
grandebob

Does each windows workstation use a VPN, or does the remote office's gateway have a VPN to the main office?

5+ users using VPN on a DSL line can easily saturate your bandwidth.

I would either make a site to site VPN, which would give you less over head then each individual workstation creating a VPN tunnel
Or use RPC Via HTTP.

Any decent router should be able to give you basic traffic analasys. By decent, I don't mean a $50 best buy router.
ASKER
pfarber22

They use FQDN Exchange name.
I believe I used whireshark without much success. I don't remember right now. Is it capable of providing reports that I mentioned (historical, by protocol or traffic type, dropped packets, etc)?
Thanks!
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
ASKER
pfarber22

Each user is using Windows VPN. I undestand that IPSec VPN will have less overhead but I still need to authenticate them to Windows.
It is 3 users, many times, they are not in the office at the same time.
My main point is that almost identical setup in other offices works perfectly.
I need to be able to find out what is unique with this office, and present management with easy to understand reports. For that, I am willling to pay extra money to buy software.
P.S. Users in the remote office are not technical.
SOLUTION
leibinusa

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
leibinusa

I mix it up with my customer which have SMTP issue. If you want to single out traffic to exchange server, use filter "ip.src==IP of exchange server" or "ip.dst==".
ASKER
pfarber22

We regularly check for viruses and such, no music or other downloads no wireless connections.
Disconnecting computers is difficult as I don't have a dedicated person there, even though that was also done and I will consider it again.
I want to get to my original question. Can someone recommend a program (I am willing to pay) that will run in a promiscuous mode and produce traffic and utilization reports?
I the main office, we used to have a Network Composer appliance by Cymphonix. It is high end device but can serve a reference to what I am expecting to see.
I appreciate everyone's comments. They are all helpful.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
pfarber22

Andy,
Can you explain more on this subject? We have troubleshooted MTU issues with Microsoft and ourselves with no improvements.
Thanks!
andy_deru

a bit Theory:
IP fragmentation/defragmentation is decision on the client/server level At the NIC (Network Interface) of both devices. But could be forced by each network devices.
In an "open" structure network there is a process that help clients and server to discover what is the most optimal MTU to use between the client and the server, also called Path MTU discovery.

Most issues on VPN are caused by the fact that a device has the DF (Don't Fragment) bit sets (=1), and receiving a packet that is bigger than the max MTU. Normally it sends back an ICMP type3, code4, but as most firewall/border routers doesnot allow the most type of ICMP messages, this respons will not reach the destination and its function fails.

There is no common rule that says that you have to set or not to set the DF bit, because it depends on the connectivity needs and also the logical placements of your VPN GWs.

The more details I have, the more specific advices I could give. But the most important is to start understanding/looking at the fragmentation versus Path MTU discovery. You might PM me if you don't feel comfortable to share a real situation scheme.