Solved

Cannot get mail via vpn on some 3rd party wireless networks

Posted on 2010-09-01
9
306 Views
Last Modified: 2012-05-10
Hi Experts

I have a new client with a SBS 2003 server running exchange 2003. Clients are Windows XPPro with office 2003. In the office wired or wireless all works well. From each users home all users VPn in and outlook connect to exchange OK and users see the company files on a mapped drive. Users also heve 3G dongles and these connect OK.

Occasionally a user will be abroad in a hotel  on a wireless network and are able to connect via the vpn.However they cannot get mail or see the company shared drive. If they disconnect and use a 3g dongle all works fine.  This is not just limited to hotels it can be any wireless network some free access some not.

Any advice/thoughts would be great as this one has me stumped due the ramdomness

Cheers

David
0
Comment
Question by:HiltonPark
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 5

Expert Comment

by:MrN1c3
ID: 33575497
The sites where your users are having problems, are probably just running proxy servers, so will only allow http & https traffic on ports 80 & 443.  VPN will use other TCPIP ports, which these hotels are blocking.

Just advise your users to do what they are doing, ie use the dongle.

Alternatively you could setup a vpn over ssl solution
0
 

Expert Comment

by:iris01
ID: 33575511
Often random wireless networks will take over DNS and such services, meaning that regardless of the VPN connection the client wont be able to resolve the IP of the mail server.

Two things to test would be to

A) Add an entry to the hosts file (C:\windows\system32\drivers\etc) pointing to the mail server, bypassing the DNS on the wireless networks
B) Set the RAS/VPN connections above the wireless adapter in the NIC Binding Order (In network connections go to Advanced Menu > Advanced Settings)
0
 
LVL 1

Author Comment

by:HiltonPark
ID: 33575606
Hi iris01

Thanks for your tips on things to check. I am with you on option B but option A went straight over the top. Can you be  a bit more specific in adding the entry the hosts file.

Cheers

David
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Accepted Solution

by:
iris01 earned 250 total points
ID: 33575714
No problem

Open up notepad from there open the host file which is located at c:\windows\system32\drivers\etc (it has no file extension)

You will see a guide to how to edit it on top, and probably an entry such as

127.0.0.1          localhost

Now, let's say your SBS/Exchange server is called SERVER1 (or SERVER1.domain.local) and is on an IP address of 192.168.1.1, you would add a line to the file saying

192.168.1.1       SERVER1

and may aswell add one for SERVER1.domain.local while you're there;

192.168.1.1       SERVER1.domain.local

Then just save the file and try the connection again.

This file is referenced first for name resolution, followed by DNS servers, so any entries in here will override any on DNS servers.

You can check this has worked by pinging the mail server, if you do this before and after the hosts change you should see the server resolves to the wrong IP address before the change, and the correct one after, which should enable you to connect outlook.

A better solution may be to use RPC over HTTP, assuming you have outlook web access up and running (is configured by default in SBS, you just need to forward the traffic through your firewall), you can find a guide to setting up the clients here;

http://www.petri.co.il/configure_outlook_2003_to_use_rpc_over_http.htm
0
 
LVL 1

Author Comment

by:HiltonPark
ID: 33575767
Hi iris01

Thanks for the info I'll give it a try this PM. I take your point about RPc over http which I have used in the past. I did not think it would make any difference here but any port in a storm.

I'll report back.

Best regards

David
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33575817
David
The usual suspect in a vpn/outlook disconnected scenario is fragmented packets.
Exchange/outlook sends packets with df set, vpn takes the packets and fragments it while transporting and reassembles them in other end.

Way out
Configure max mtu of your vpn to correspond to this. That's the max mtu which won't be fragmented.
Given your case with travelling users this will be difficult to do for every network where they login from.

Better solution is to configure the users outlook to pull emails over rpc/https directly from exchange and forget the vpn altogether.

0
 
LVL 5

Expert Comment

by:DanMar
ID: 33587253
0
 
LVL 1

Author Comment

by:HiltonPark
ID: 33588498
Hello Sunnyc7 & DanMar,

Sunnyc7

I take your point re rpc/https as it was suggested earlier.So I am trying this out.

DanMar

Thanks for the KB article which I have read. I will try this out on a test rig first

Cheers

Dave
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33590342
Dave
Please post back if you need any help with this.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question