Re: Exchange 2003, Outlook 2003, VPN Connection Issues

I would take the path of testing an Outlook Client with RPC over HTTPs from the remote location to your main office thus bypassing the VPN entirely or have the user connect to using a VPN client from the remote location. What I am trying to suggest is bypassing your dedicated VPN between the sites and go straight through Internet Interface of your Router to see if you have the same issue with the Outlook Clients. This would at least give you some direction to take if it turns out to be the dedicated VPN. You should also look at the config files for your Routers at other locations that are working correctly to insure they are identical in the VPN setup.

FYI: I would also suggest Cached Mode for remote office Outlook Clients since this will let users keep working when the connection goes down.

--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2007
Microsoft Certified Partner


<beth.stover@xxxxxxxxx> wrote in message news:1179943247.254713.224050@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi All,

I've seen a lot of posts regarding Outlook through VPN, but I didn't
see any that address my issue specifically. My apologies if this has
already been discussed.

My environment:

I have one Exchange 2003 SP3 server in a main office. It runs on
Windows 2003 Server Standard Edition SP1. We have 275 users total.
30 of these users are in a remote office 500 miles away. We have 2
T1's at the main office and 1 T1 at the remote site. We use Netscreen
208's at the main office and a Netscreen GT at the remote site. The
two sites are connected via a VPN using the Netscreen Hardware, so
there are no VPN clients being used. The VPN is open, so there are no
port restrictions involved. All clients (XP) at the remote site are
members of the domain. All servers and clients are fully patched to-
date. The users in the remote site have Outlook 2003 installed on
their desktops. We are not using cached mode for Outlook 2003. There
is a DNS server in the main site. The clients in the remote site use
this DNS server through the VPN. There are no DNS issues -- clients
in the remote site can ping all resources including the Exchange
server in the main site by FQDN. Connectivity for all resources seems
fine from the remote site to the main site through the VPN -- ping,
tracert, DNS, domain authentication, etc. All T1's have been tested
and are functioning as expected. The T1 in the remote site
experiences 80% usage -- typically for 1 hour in the morning and 1
hour in the afternoon. Other than that, usage is @ 15%. I've
confirmed the MTU settings are default on the client, Netscreens and
the routers.

The problem:

Intermittently, the users in the remote office cannot connect to the
Exchange server using Outlook from their desktops. In some cases,
Outlook "hangs" and cannot connect and there is no error. Other
times, the users cannot connect and they get a pop-up message in
Outlook, "Exchange server is unavailable." In each case, a reboot of
the client usually resolves this problem. The problem is happening
almost every day for one or two users, but different users are
affected each time. (It's not always the same users). When the
problems happen, bandwidth usage is at a reasonable level, the clients
can ping the Exchange Server using FQDN, and other traffic is not
affected. Most often, Outlook works fine in this configuration, so I
know everything is configured properly for basic connectivity. I have
checked the Exchange server, and there are no problems reported on the
server when the problem occurs.

Also, I have 2 other remote sites connected in the same way -- using
Netscreen GT, T1, DNS at main site, and Outlook from desktop. One
site is 1000 miles away (10 users). The other site is 3000 miles away
(15 users). The two other remote sites do not experience connection
problems to Exchange.

We have given the users the option of using OWA or connecting via
Terminal Server, but they really, really want to use Outlook from
their desktops. We opted not to use RPC over HTTP because of security
concerns, so that's not an option here.

I've contacted the vendor for the T1 in the remote site several times,
and they assure me that the pipe is working as epxected.

Can anyone give me some ideas on how to troubleshoot this problem with
the one remote location with 30 users? I'm not looking to change how
the users connect, as we have given them other options. What I really
need to figure out is how to resolve the problems with Outlook on the
desktop through a VPN not connecting.

Thanks in advance.


.

Relevant Pages

  • Re: Event 5807 and VPN Clients
    ... into a local subnet of any kind. ... we are currently migrating away from was Safenet Soft Remote, ... >> network via our hardware VPN. ... Those clients, therefore, have undefined ...
    (microsoft.public.win2000.active_directory)
  • RE: Outlook access problems over VPN
    ... I have a suggestion for exchange, ... Works great and clients ... They just open up outlook whether ... > Exchange server when they are connected via the VPN to our network. ...
    (microsoft.public.windows.server.sbs)
  • Re: Multiple Remote Clients
    ... SBS2003 server and a bunch of clients. ... through Logon through dial-up networking on logon, or a manual VPN ... all PCs are joined the SBS Domain. ... > prints in the remote site, and the clients failing to resolve each other ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote Users - How do you handle them?
    ... clients can print to network printers without them having to be TS compliant. ... We now have four remote offices. ... At three of the remote offices I have Sonicwall TZ-190 firewalls, and a VPN ...
    (microsoft.public.windows.server.sbs)
  • Re: Exchange remote connection
    ... connect to Outlook, or at least have the workgroup set to the same name as ... On www.smallbizserver.net, SBS 2003, Workstations you will ... How to setup VPN for the server is on SBS 2000, Remote Access. ...
    (microsoft.public.backoffice.smallbiz2000)
Loading