Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Site to site vpn and exchange

I have a bit of a problem with my site to site vpns.  I work for an IT support company that manages a client’s infrastructure.  Company X (the client) has two offices, the main office hosts the DC, file, DNS and exchange servers.  The second office has a DNS server and a DC for local logins.  The two offices are linked between a site to site VPN.  The second office uses the VPN to access files but most important the exchange server for emails.  The problem is a user’s outlook won’t be able to connect to the exchange server, this will happen randomly.

The user can still access internet, ping any server across the vpn link but they just won’t be able to connect to the exchange server for about 2-5 minutes.  My questions is for the second office when users have to cross the vpn link to get email from the exchange server could the vpn be stopping the users exchange session? The users in the main office are not at all affected by this.

I just want to know if it is at all possible for the vpn or router to stop a user’s ability in accessing the exchange server for a short time.  No exchanges have been made to the configs and this has only started in the past 6 months, VPN and servers have been active for 2 years now.

What debug could i run to test for dropped sessions/packets across the vpn link



Everyone's tags (2)
Cisco Employee

Site to site vpn and exchange


Not very likely that VPN (the feature) would be o blame in situation like this. Unless, you're using VPN filter (or similar features).

Now if the VPN is terminated on firewalls check the deep packet insection policies, on ASA's for example you will have inspect SMTP which could affect outgoing email (not really fetching your emails from server).

Start by inspecting syslogs from VPN devices around the time people have reported problems. :-)


CreatePlease to create content