Ronni - I had a similar VPN issue where just a few clients could ping the Exchange server but could not connect when they were connected via VPN. It turned out to be the RPC binding order on the client's registry. Have a look at Microsoft article #163576 and article #326036. I also found the rpcrt4.dll would become corrupted and after I replaced that .dll and applied the following articles everything worked.
Amy -----Original Message----- From: Smith, Ronni [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 11, 2003 3:20 PM To: Exchange Discussions Subject: Outlook over VPN - MTU issue? - problems with Q301337 fix? We are a one Exchange 5.5 server shop. A few months ago I began the process of moving us to a new server. New hardware, new name, following Ed's Move Server Method which I have already done once without issue on NT4 to NT4. This time we moved to Windows 2000 for the new server's OS. New server is therefore Exch 5.5 SP4 on Win2k SP2 + security fixes and old server was/is Exch 5.5 SP4 on NT4 SP 6a + security fixes. I moved mailboxes over the course of a few days and everyone was fine, running happily without issues, except for one guy (the "n-sigma where n is a big number" guy of course) whose home machine couldn't connect fully to the new mail server over VPN as it had when it was on the NT4 box. It does make connections to the Exchange Server. I can see that with netstat -a on either side but it does not appear to transfer data. He uses a software vpn client to connect to our network. So at first I was ready to blame the MTU issue and make the modifications necessary to correct that. However, when I researched it, it seemed as though I should be having the same problem with all the clients that use vpn. Now some of my vpn clients have an appliance (Watchguard SOHO at user's home connects to our Watchguard Firebox) and some have the software client. Those with the appliance might not see the issue but my box at home uses the software client (SafeNet created for Watchguard) and it works fine as do all the SOHOs. The only pertinent difference I can see between my n-sigma user's connection and mine is that he uses dial-up and I use a dsl line. I have also verified that this is dial-up related in that a second user also has the issue with dial-up access. I have googled. I have technetted. I have searched archives. I have found/done the following: I have read Q301337 "PMTU Detection May Not Work After You Install Windows 2000 SP2" and while it appears to be the most pertinent, I am leery of adding a fix that until recently was not available except through PSS just to fix 2 people's e-mail access from home. Certainly it is true that our software vpn assigns an address on the same subnet to the client pc. But that is true for my machine as well, so I am also not 100% convinced that this will solve my issue. Has anyone here installed the Q301337 hotfix Q301337_W2k_SP3_x86_en.exe on a Windows 2000 SP2 Exchange Server and found that it caused problems? If not I am willing to try it. But I find myself a bit nervous about that "Uninstall is not available" note at the bottom of the download page. I do not have a server I can test with at the moment. If I get no positive feedback on this fix I may decide to build one first. Positive feedback about this fix would be appreciated as I am not sure where I can find a box to build a temporary test Exchange Server out of. Following Q159211 "Diagnoses and Treatment of Black Hole Routers" I did find a breakdown at an MTU of about 1200 for the n-sigma user's machine over dial-up and at 1450 for the other user's machine so I am reasonably certain MTU is a factor. I reviewed Q259783 "PPPoE with ICS Requires MTU Setting Below 1492 on the ICS Client" however, neither user is running ICS, nor is either one running PPPoE. Q120642 "TCP/IP & NBT Configuration Parameters for Windows" seems to indicate that I could add the MTU value for the dialup adapter to solve this problem but that has not worked for the second user and Q3031337 seems to indicate it might be ignored anyway due to the way the software VPN client behaves. Any other suggestions/pointers will be gratefully received. Ronni _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
