Solved

Unable to connect to Outlook over VPN when in China

Posted on 2009-03-30
7
884 Views
Last Modified: 2012-05-06
Hi.  I have a remote VPN user who travels to China frequently.  We use a Watchguard Firebox client to terminate at our Firebox and then they have access to the internal network.  User has always had issues connecting to Outlook 2003 through our VPN at various locations in China. I've chalked it up to ISP issues over there and told him to go across the street or find another location and it usually works ok.   I recently moved my Exhange 2003 services to another server and since then he seems to be having even more issues.  During his last trip, he could not connect in most cases - sometimes he would not connect and then would connect the next day at the same hotel.  When he did manage to connect, Outlook disconnected after about 30 minutes.  He said he was still able to access our internal network after Outlook disconnected though.   He is able to connect to Outlook through VPN when stateside and even connects when attached through a dial-up line, although connection to Outlook is now quite a bit slower over dial-up than it used to be.
Did I miss a setting on the new server?  Outlook client has been changed to point to new server and I even added a pointer in the hosts table since he got back.  Can anyone think of anything else?
0
Comment
Question by:valmatic
  • 3
  • 3
7 Comments
 
LVL 6

Expert Comment

by:ged125
ID: 24022727
What version of Exchange are you running?  Are you running in Cached mode?  
0
 
LVL 1

Expert Comment

by:robsdesk
ID: 24023019
If the VPN is comming up then it's fundamentally working (assuming no settings are being changed client side such as the use default gateway on remote network option), most likely due to a poor connection, another test is to have your user hit the internal name of your OWA site.
0
 
LVL 7

Author Comment

by:valmatic
ID: 24028146
Exchange 2003 SP2 and yes running in cached mode.  

Yes OWA works from the outside but he doesn't like it. Don't think he's tried an internal OWA connect through the VPN though.  That works fine in my tests too but who knows what's up in China?  I keep offering to go over there for a week to test but no dice so far.    One last bit.  I have had issues in the past with Wide Open West (ISP) users.  Turns out WOW likes to dole out bandwidth on an as needed basis so my users had trouble connecting to Oulook via VPN.  I had to call the provider on behalf of each of my home users and ask them to open their bandwidth and then no more problems..  I've always guessed this is the same issue but no idea who the CHinese providers are and like I said the issue seems to have changed somewhat.  I'd be happy if I got back to the point where my chinese users could connect at least some of the time and stay connected so I'm hoping I missed something in the setup of the new server - but can't spot anything...?  

thanks guys:)
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 6

Accepted Solution

by:
ged125 earned 500 total points
ID: 24030988
Have you tried RPC over HTTPS (renamed Outlook anywhere in Exchange 2007)?  It uses the RPC protocol encapsulated over HTTPS and it sounds like it would be a perfect solution for you.  It eliminates the need for VPN and basically does all the back-end communication through the OWA interface, but allows the user to use the standard outlook 2003 client.

Some useful links:

http://technet.microsoft.com/en-us/library/bb124671(EXCHG.65).aspx
http://office.microsoft.com/en-us/ork2003/HA011402731033.aspx

Do you have any other applications that require your users to VPN in?  The recent trend has been to move away from VPN and leverage application directly over a secure connection.

Let me know if this helps.
0
 
LVL 7

Author Comment

by:valmatic
ID: 24033330
that sounds like exactly what I need.  Users currently use VPN to access a 3rd party manufacturing application based off of a A/S400 server as well as shared drives, MS Access/sql database apps, etc...
Are there any security issues with using RPC over Https though?  
0
 
LVL 6

Expert Comment

by:ged125
ID: 24033405
You have the same level of encryption as VPN, so no.  
0
 
LVL 7

Author Closing Comment

by:valmatic
ID: 31564502
perfect - thanks for the help :)
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now