Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
Users unable to connect to the Exchange server through an IPsec tunnel on the VPN 3000 Concentrator
IPsec adds more header to the packets exchanged across the tunnel. This issue can be related to the fragmentation of packets. Outlook uses Path MTU for the fragmentation policy, but this is not enabled by default on the VPN 3000 Concentrator.
Complete these steps to resolve the Path MTU size issue:
Select the Public interface.
Check the IPsec fragmentation policy that you have enabled.
Set this policy to Fragment prior to IPSec encapsulation without Path MTU Discovery (Clear DF bit).
Try the connection again.
Note: Once you change this setting, it brings down all the other tunnels you have at the moment since something has changed to the way the VPN Concentrator must handle the tunnels.