RE: SBS 2003 sudden services problem over router based vpn

Hello Eric,

Thank you for posting to the SBS Newsgroup.

I understand that your remote cannot receive POP3 emails through VPN
connection. If I have misunderstood your concern, please let me know.

I need to double confirm with you whether your domain clients can
send/receive emails and browse OWA in LAN. In your post, it seems that the
problematic remote client can receive emails and access OWA when typing
FQDN, and the issue only occurs if the problematic remote client connects
SBS Server through routers. So this issue is most probably caused by the
routers.

I strongly suggest that you contact the router vendor to involve in this
issue. You may need to ask the router vendor to verify if the routers have
dropped any Network Packets during the traffic transmission.

You also can send us the POP3 Diagnostic log to have a look:

a. Open Exchange System Manager (ESM).

b. Expand Connectors, right-click POP3 Connector Manager and click
Properties.

c. On the Troubleshooting tab, change the Logging level to Maximum.

d. Go to Start -> Run "services.msc" (without quotation marks).

e. Restart the Microsoft Connector for POP3 Mailboxes service. Changes to
the logging level do not take effect until the service is restarted. Note
that restarting the service temporarily interrupts the download of mail
until the service starts again.

f. On the server, run "eventvwr" (without quotation marks), check whether
there is any error, if yes, double click it, click the Copy button and
paste the full content to the Newsgroup.

Thanks a lot for your time and understanding!

Best regards,

Brandy Nee

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.



--------------------
From: ericjmail@xxxxxxxxx
Newsgroups: microsoft.public.windows.server.sbs
Subject: SBS 2003 sudden services problem over router based vpn
Date: 13 Apr 2006 08:38:20 -0700
Organization: http://groups.google.com
Lines: 150
Message-ID: <1144942700.193154.3700@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
NNTP-Posting-Host: 69.2.166.35
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
X-Trace: posting.google.com 1144942708 6288 127.0.0.1 (13 Apr 2006
15:38:28 GMT)
X-Complaints-To: groups-abuse@xxxxxxxxxx
NNTP-Posting-Date: Thu, 13 Apr 2006 15:38:28 +0000 (UTC)
User-Agent: G2/0.2
X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
..NET CLR 1.0.3705; .NET CLR 1.1.4322; Tablet PC 1.7),gzip(gfe),gzip(gfe)
Complaints-To: groups-abuse@xxxxxxxxxx
Injection-Info: v46g2000cwv.googlegroups.com; posting-host=69.2.166.35;
posting-account=Kwvm3w0AAABV9eNnu6d1EXt9gw-RtN48
Path:
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS01.phx.gbl!msrtrans!m
srn-in!newshub.sdsu.edu!postnews.google.com!v46g2000cwv.googlegroups.com!not
-for-mail
Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:260191
X-Tomcat-NG: microsoft.public.windows.server.sbs

Hello, I hope someone can help me on this one

I'm going to try to post this question in a watchguard forum as well
but i would really appreciate hearing from someone in the microsoft
fold about what they think i should do to make progress


I've built many servers over the years and so am not a novice, but am
really struggling with this issue and need some help


Our configuration has been running fine four about 26 months


Last thursday we started having an intermittent problem and last friday

the problem became a permanent fault


VERY BRIEF DESCRIPTION (more details follow)
We have a back-to-back VPN running between two watchguard soho6 router
appliances - DSL connects to internet at both ends
on the server end the lan is 10.0.0.x, the server is 10.0.0.10
on the remote end the lan is 10.0.1.x
users on remote end have happily used outlook 2003 to establish pop3
connection to server for 24 months
outlook is configured to use local hosts file to reslove server by name

to 10.0.0.10


OBSERVED PROBLEMS:
PROBLEM1. users in the remote office can send email but not receive
email via pop3 when accesing the server through the vpn tunnel by it's
inside the lan address (10.0.0.10)
PROBLEM2. users in the rmote office cannot completely load owa
(https://server/exchange, or http://server/exchange) when accessing the

server via the vpn tunnel


HOWEVER
NOTE1 owa is working in the LAN just fine (users in 10.0.0.x subnet
have no problem)
NOTE2 both methods work fine if i open up the required ports, install
certificates, etc and access them by true FQDN
(https://host.domainname.com) pop3 is fine owa is fine, but i do not
want to have that exposure to the internet
NOTE3: no changes have been made to routers, server or workstations
that can account for this - we built a stable well performing system 2+

years ago and have been problem free until now. subsequent scans show
us to be virus free, netstat shows no unexpected connections, etc.


PROBABLY IMPORTANT OBSERVATIONS:
OBSERVATION1: Users in remote offices are still able to access shares
on the server via the vpn tunnel
OBSERVATION2: POP3 sessions from remote users using VPN tunnel do
authenticate on server, and do ask for data, but stall when retrieving
data
OBSERVATION3: POP3 packet capture on problem machines show that
commands to retrieve messages go to from the remote office to the
server, and that the server does send the data back to the remote
user's pc - but the data is not "seen" on the client pc as part of a
pop3 session.
Yep, that's right .... i have captured the pop3 data packets tha tthe
server sends back to the remote machine that have the data that is the
message, but the remote machine does not recognize that data as pop3
reply to POP3 RETR command.
When i rdp across the vpn to client machine, and run telnet pop3
session this is how it looks
TELNET SERVER 110
OK ,,, my server banner here
USER usename
OK
PASS password
OK
STAT
some numbers
RETR 1
nothing .... no reply no response, no data, just steady underline (not
blinking)
message one is a small one.


OBSERVATION4: the stalled telnet session does respond to quit command
if i wait about a minute


OBSERVATION5: user in remote offices that access OWA via VPN tunnel
NEVER GET A LOGIN PROMPT ON THEIR MACHINE, they get a white background,

a blue vertical bar for the left hand menu objects, and nothing else,
but the progress bar in the bottom very slowly progresses until page
cannot be displayed


OBSERVATION6:
on one problem machine:
- i have completely uninstalled all antivirus (was using symantec
client security 3 enterprise edition)
- i have disabled the windows firewall
the latest windows updates that have been installed are
913446 4 weeks before probelm started
911927 4 weeks before probelm started
908531 4 weeks before probelm started
911562 after problem started
912812 after problem started
911567 after problem started
some of which seem like they might be involved, but nothing definitive


OBSERVATION7:
the server is lightly tasked, 4gb ram, lots of free drive space
the server responds to all LAN, VPN and external queries that i send to

it
EVEN the ones on the problem machines (see observation 3 above)


the only windows updat that has been applied since 2004 is
867460 which was 2 days after the probelm was first reported


it could be a coincidence and the problem could have been


the windows update is a dot net fix that seems to very involved with
server side process communications, but again - the server seems to be
working fine and sending data to the client machines.


THE REAL QUESTION
If i can copy a file over the vpn and it arrives intact, why can i not
transmit properly formatted pop3 data from the server to the client?


Again, the SERVER DOES PROCESS AND REPLY to the POP3 RETR 1 command and

that data DOES travel over the VPN at the client machine but the client

machine does not seem to recognize it as such.


thanks in advance for your kind consideration to this matter


e



.