• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 313
  • Last Modified:

Outlook can't connect to Exchange thru VPN when endpoints are the same subnet

Our home office exchange server is on a 192.168.1.x subnet.  When traveling we establish a Microsoft VPN and usually are able to connect to exchange when the remote location gives us an ip address on a different subnet like 10.10.10.x.  However when we try from a location which gives us an ip address on the same subnet 192.168.1.x, the vpn connects but outlook cannot connect.  At the moment it is impractical to change the corporate subnet from the very common 192.168.1.x to something less common.  Is there a workaround we can use to solve our issue?
thanks all
0
chamlight
Asked:
chamlight
  • 4
  • 2
  • 2
  • +3
3 Solutions
 
farazhkhanCommented:
Hi,

Are you able to PING the mail server from remote location?

Regards,
Faraz H. Khan
0
 
Alan HardistyCommented:
You need to either change the local end or the remote end for this to work properly.
As most home users get 192.168.x.x address ranges, the best long term solution is to change the internal address scheme at your office I am afraid.
Please see this previous EE question about the same topic:
http://www.experts-exchange.com/Networking/Broadband/VPN/Q_22103656.html 
0
 
Alan HardistyCommented:
I always setup my servers for my customers on 10.x.x.x ranges and never have a problem with VPN.
If all you need to do is connect to Exchange, then you should setup HTTP over RPC and then you don't need the VPN at all.
http://www.amset.info/exchange/rpc-http.asp 
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
AkhaterCommented:
It is not outlook that can't connect it is simply that the 2 endpoint can't communicate.

the only solution is to change the range of IPs in one of the 2 locations or routing will never happen between them
0
 
KyoshCommented:
You could try static routes to force connections to certain IP's to pass through your VPN Tunnel.

See MS Product Documentation for command Route:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/route.mspx?mfr=true
0
 
AkhaterCommented:
Static routes won't work here since both endpints are in the same subnet
0
 
peakpeakCommented:
The reason it cannot work is because the *reply* from the other end will hit the VPN server which (normally) should route the packet back through the tunnel. But before it has a chance to do that the TCP/IP stack will discover that the packet is on the same subnet and thus sends the packet out again *directly* to the originating computer *outside* of the tunnel. The originating computer has no open connection with this IP address (outside of the tunnel) so it discards the packet.
Theroretically you could modify the routing table on the VPN machine with the IP of the originating computer's VPN IP but since it's normally assigned dynamically through DHCP or the like it's not practical.
0
 
chamlightAuthor Commented:
Thank you all for your time and input
0
 
Alan HardistyCommented:
Did you see my comment about HTTPs over RPC, which eliminate the need for VPN if all you want is Outlook remotely?
0
 
chamlightAuthor Commented:
hi alanhardisty-
i did see your comment and glanced at the link but havent had the implement as i am travelling...which is what prompted the question to begin with.  I will ultimately change the ip range as you suggested but for the moment, the other link you provided to the other EE articlle helped greatly.  It says to uncheck "use default gateway on remote network" in the tcp/ip settings of the VPN connection.  That got outlook connected.  Thanks so much for that.
And thanks to everyone else for your help.
0
 
Alan HardistyCommented:
You are welcome.  Glad I inadvertenly helped you!

HTTPS over RPC is a great way to use Outlook.  You get mail, just as if you were sitting in the office, only you can be thousands of miles away and not a single VPN connection required.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

  • 4
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now