?
Solved

When using VPN, everything except Outlook works and can even ping exchange server?

Posted on 2012-08-13
11
Medium Priority
?
21,157 Views
1 Endorsement
Last Modified: 2012-08-26
Hello experts,

I cannot figure this out for the life of me, but we have a user where I work who uses Cisco AnyConnect vpn client to connect to our business servers.  We are running exchange 2003 and office 2010.  We edited the hosts file to make the ip to our exchange server point directly to it and the funny thing is you can ping the exchange server no problem.  All of our network drives show up, but Outlook never connects.  We connect to vpn no problem and the server drives come up, but when we click on Outlook, it says "trying to connect" then stays like that for a few moments then goes right to "disconnected".  I cannot get it to connect and I have no clue what to do.  I've restarted a bunch of times, disabled all of the internet adapters except for the verizon air card and vpn connection and still does not work.  I've cleared the dns cache a bunch of times.  Any help with this would be greatly appreciated.  I've been going crazy over this for a while.
1
Comment
Question by:Brent Johnson
  • 6
  • 4
11 Comments
 
LVL 12

Expert Comment

by:mlongoh
ID: 38288949
Does Outlook work if the workstation is directly connected to the LAN?
0
 

Author Comment

by:Brent Johnson
ID: 38289066
Yes it does.
0
 
LVL 12

Expert Comment

by:mlongoh
ID: 38289099
Then it's possible that a protocol (or protocols AKA ports) are being blocked from getting through the VPN.  Is this happening for just one user or anyone that attempts to connect via the VPN?
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 

Author Comment

by:Brent Johnson
ID: 38289241
Just the one.  How do I make sure they are not blocked?
0
 
LVL 12

Expert Comment

by:mlongoh
ID: 38289444
RPC is the likely cuprit.  And the sticking point, if I'm remembering this right, is that by default it dynamically sets the port that it's going to use when the communication session is initiated.  The client connects on port 135 and is told what port to use for the rest of the session, which is dynamically set.  So, it becomes necessary to either do a reg hack on the server to force RPC communication to a specific port for every session, and open that port, or make no reg changes and open all ports above 1024.

See this for detailed explanation: http://support.microsoft.com/kb/832017
There's a section on Exchange and Outlook.

You can pursue using RPC over HTTPS, in which case you'd only have to allow port 443 through the VPN (firewall).  But that can get a little cumbersome, and usually is what you do in lieu of a VPN connection.

To answer your question though, you can run outlook with a /rpcdiag switch and see what's happening with the RPC communications.
0
 

Author Comment

by:Brent Johnson
ID: 38294637
Okay this is the strangest thing ever.  I have narrowed down the problem a bit more and I have never seen this problem, ever.  And I still don't know how to fix it.  I do not think it is a port issue after narrowing it down.  Okay, so I took her laptop home with me and when I logged into her VPN on my WiFi network at home, her Outlook would not connect.  BUT, when I plugged an ethernet cable straight into the laptop from my router, it worked!  So how could this be possible that Outlook will not connect via a wireless connection, but will connect via a wired connection, no matter the network?
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 38294643
When connected over Wireless, could you disable ethernet NIC - does it help? Possible the NIC Card binding order *may* affect

Regards,
Exchange_Geek
0
 

Author Comment

by:Brent Johnson
ID: 38294766
Okay, well I just narrowed it down even further... It was not connecting via the WiFi because the dns has to be set in the ipv4 properties of the cisco vpn client adapter.  But, now the problem is everytime I disconnect from the vpn a.k.a. shut off the computer, it erases that inputted dns setting.  Is there anyway to force it to keep the setting so I don't have to manually enter it in every single time she uses the vpn?
0
 
LVL 12

Expert Comment

by:mlongoh
ID: 38296080
You should be able to configure that on the vpn concentrator end (or whatever the client is connecting to).  The IP address along with the default route and DNS servers should be getting set automatically.  You should not have to work on configuring the client side.
0
 

Accepted Solution

by:
Brent Johnson earned 0 total points
ID: 38316429
Adapters were not finding the dns server so I had to manually put in the dns ip.
0
 

Author Closing Comment

by:Brent Johnson
ID: 38333787
This fixed the problem.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Outlook for dependable use in a very small business   This article is about using the Outlook application (part of Microsoft Office) in a very small business, or for homeowners where dependability and reliability are critical requirements. This …
Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question