Urgent help with VPN over exchange

[SQLScholar]

Hey all,

Bit of an issue...

we have a netpilot plus firewall and a exchange box behind it!

The Firewall is accepting Roadwarrior connections. We have set up the windows XP VPN correctly and now have connectivity (if you go to any shares asks for User/Password - but then you see the shares). But it only works through IP - which we can try and sort later.

BUT if we try to connect to the exchange server, via outlook, and the IP - Nothing. It just will not connect.

Any ideas?

Please.....

Dan

----------------------------------------
There are 2 types of computer, the prototype and the obsolete!!
----------------------------------------

 

[SQLScholar]

Got one step closer - it can verify the mailbox against the server (type first few letters and it resolves).

Yet i cant still connect!!

----------------------------------------
There are 2 types of computer, the prototype and the obsolete!!
----------------------------------------

 

[dfortin]

In your xp vpn connection, do you have your users set up to autheticate to a domain? I ask because if users were to authenticate to a domain, then they wouldn't be prompted for username/password when accessing network shares.

Also, are you passing internal dns servers to your users so they can resolve the exchange server correctly via internal ip? I've found having internal name resolution of the exchange server is important for exchange connectivity.

 

[substitute]

Yes, as dfortin says, sounds as if your DNS isn't set up (...But it only works through IP - which we can try and sort later....)

Exchange uses DNS as it's preferred name resolution. If it can't resolve using DNS it falls back to other systems but can time out before a working system responds.

If you run IPCONFIG/ALL on the client, what DNS server is listed for the VPN? It should share the first couple of numbers with your IP address. Look at mine:

PPP adapter SBA:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.248
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.1.248
DNS Servers . . . . . . . . . . . : 192.168.1.1
Primary WINS Server . . . . . . . : 192.168.1.1

The DNS server address is defined in the VPN host setup.

If you aren't running DNS on the LAN for some reason you can put the server name/ip in the clients' HOSTS file but Exchange may still fail to connect. I frequently find in that case that the first connection attempt fails but if you retry it succeeds (slowly).

Ian.

 

[jpopper]

on the firewall you need to forward 2 ports to your exchange server

443
and
135

Also you will need to create a certificate from the exchange server this allows clients to get email.

Lastly configure the outlook client to get mail, go to settings more settings, select Exchange over internet and enter your info, exchange server etc. basic auth

mine works like a charm

 

[firthm]

I imagine the DNS settings resolved this?

Drop us a line to let us know...

Mike Firth

Michael Firth
Network Infrastructure Officer

~If it's not broke, break it and LEARN~