I have seen this issue come up in a number of posts, and I am seeing the same issue at a customer site. Maybe if we can get everyone with the problem on the same thread, we can get a fix.
At the customer site, there are ~50 laptops running 95 or 98. Some are running Outlook 97, others have Outlook 2000. All of the laptops have IP connectivity to devices on the LAN (over the tunnel). All laptops can browse the network (they have a WINS entry). Outlook does not work on 6 of them! Of the few that do not work, some are 95, some are 98, some have Outlook 97, some have Outlook 2000. All laptops are configured to login to an NT Domain. Thoughts?
Can you specify what the error message or failure you see? For general case of Outlook/Exchange connection, most failure cases may due to Outlook rpc timeout before connecting to the Exchange. By default, the timeout of online connection is 30s. You can try set this to 60s or 90s. Maybe it fixes your problem.
The error message is the retry/work-offline message when Outlook can't find the Exchange server. I had changed the timeout to 90 secs. It just took a little longer to timeout. ;)
Then I suspected the problem came from the port restriction. Which port you allow for VPN connection? Since Exchange dynamically assigns ports to communicate with Outllok, you cannot deny those dynamic ports. In my setting, I allow all IP port to be communicate in VPN connection.
Make sure that Outlook is not trying to connect via dial up or some other way. Make sure "Do not dial, use existing connection" is checked.
"Do not dial, use existing connection" is checked.
As far as what ports are open, we are not using split-tunnel, so all traffic from the remote PC is tunneled to the PIX, and there is no other access-list or setting that would block certain ports from the remotes.
We are upgrading the client to 3.0.6, and we are going to play with MTU's. Very strange...
Finally I found the problem of using Cisco VPN Client with IPSec. I tried several program which may need to verify the IP such as pcAnywhere and Outlook/Exchange. All are failed. There will be no problem if you are really getting the IP mapping shown in ipconfig and routing such as PPTP connection.
Yes. I have a client running win 98 and he can't access MS exchange. it just times out. he can ping the server using it name and ip address. he can also browse the network and access files ok. another user is also having problem with PC Anywhere and VNC (both remote control S/W)
responce times are also slow 1.5 seconds for a ping with a packet sice 1500.
i have a cisco 3005 with clinet s/w 3.1 rel-k9.
We are having the same problems but it is intermittent. Sometimes it works sometimes it doesn't. Our config is using the ATT dialer for the internet connection and then the Cisco 3000 Client for the tunnel. We get timeout errors trying to connect to the exchange server as well as outlook 2000 just freezing up. Should we adjust the MTU to a smaller number? Any ideas suggestions? Any help would be great. Thanks
Did you try setting up a local host file on the problem systems? Since Outlook relies on translation of the Host name to IP address, sometimes configuring this information in the system's local host file can speed things up and fix glitches that can be caused by name resolution issues.
I looked at the outlook traffic with a sniffer and saw a lot of packets with the "don't fragment" bit set. The following documents may be helpful to you.
I faced the same issue on both Domain logon as well Outlook access to exchange server..After changing the registry settings on win 95/98 it works fine..
Create a data type key MTU and set it to 1470..
MaxMTU = 1470
Data Type: String
By default packet size is 1500 bytes and also DF is set.VPN tunnel can't handle more than 1470 bytes i suppose and that's why packets are dropped at vpn router.
Something want to make sure. Should I need to modify changes to all workstations and servers?
Also, which registry should I make changes under Win2k or WinXP?