Solved

Unable to connect to Outlook over VPN when in China

Posted on 2009-03-30
7
893 Views
Last Modified: 2012-05-06
Hi.  I have a remote VPN user who travels to China frequently.  We use a Watchguard Firebox client to terminate at our Firebox and then they have access to the internal network.  User has always had issues connecting to Outlook 2003 through our VPN at various locations in China. I've chalked it up to ISP issues over there and told him to go across the street or find another location and it usually works ok.   I recently moved my Exhange 2003 services to another server and since then he seems to be having even more issues.  During his last trip, he could not connect in most cases - sometimes he would not connect and then would connect the next day at the same hotel.  When he did manage to connect, Outlook disconnected after about 30 minutes.  He said he was still able to access our internal network after Outlook disconnected though.   He is able to connect to Outlook through VPN when stateside and even connects when attached through a dial-up line, although connection to Outlook is now quite a bit slower over dial-up than it used to be.
Did I miss a setting on the new server?  Outlook client has been changed to point to new server and I even added a pointer in the hosts table since he got back.  Can anyone think of anything else?
0
Comment
Question by:valmatic
  • 3
  • 3
7 Comments
 
LVL 6

Expert Comment

by:ged125
ID: 24022727
What version of Exchange are you running?  Are you running in Cached mode?  
0
 
LVL 1

Expert Comment

by:robsdesk
ID: 24023019
If the VPN is comming up then it's fundamentally working (assuming no settings are being changed client side such as the use default gateway on remote network option), most likely due to a poor connection, another test is to have your user hit the internal name of your OWA site.
0
 
LVL 7

Author Comment

by:valmatic
ID: 24028146
Exchange 2003 SP2 and yes running in cached mode.  

Yes OWA works from the outside but he doesn't like it. Don't think he's tried an internal OWA connect through the VPN though.  That works fine in my tests too but who knows what's up in China?  I keep offering to go over there for a week to test but no dice so far.    One last bit.  I have had issues in the past with Wide Open West (ISP) users.  Turns out WOW likes to dole out bandwidth on an as needed basis so my users had trouble connecting to Oulook via VPN.  I had to call the provider on behalf of each of my home users and ask them to open their bandwidth and then no more problems..  I've always guessed this is the same issue but no idea who the CHinese providers are and like I said the issue seems to have changed somewhat.  I'd be happy if I got back to the point where my chinese users could connect at least some of the time and stay connected so I'm hoping I missed something in the setup of the new server - but can't spot anything...?  

thanks guys:)
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 6

Accepted Solution

by:
ged125 earned 500 total points
ID: 24030988
Have you tried RPC over HTTPS (renamed Outlook anywhere in Exchange 2007)?  It uses the RPC protocol encapsulated over HTTPS and it sounds like it would be a perfect solution for you.  It eliminates the need for VPN and basically does all the back-end communication through the OWA interface, but allows the user to use the standard outlook 2003 client.

Some useful links:

http://technet.microsoft.com/en-us/library/bb124671(EXCHG.65).aspx
http://office.microsoft.com/en-us/ork2003/HA011402731033.aspx

Do you have any other applications that require your users to VPN in?  The recent trend has been to move away from VPN and leverage application directly over a secure connection.

Let me know if this helps.
0
 
LVL 7

Author Comment

by:valmatic
ID: 24033330
that sounds like exactly what I need.  Users currently use VPN to access a 3rd party manufacturing application based off of a A/S400 server as well as shared drives, MS Access/sql database apps, etc...
Are there any security issues with using RPC over Https though?  
0
 
LVL 6

Expert Comment

by:ged125
ID: 24033405
You have the same level of encryption as VPN, so no.  
0
 
LVL 7

Author Closing Comment

by:valmatic
ID: 31564502
perfect - thanks for the help :)
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

775 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question