VPN using L2TP / IPSEC

[mechamd]

I have set up a Windows 2003 server (member server pasrt of a Windows 2000 domain)) and configured the RRAS to accept VPN connection on both L2TP and PPTP

I am using a XP client to dial up and connect to the network via MS L2TP VPN

The client has the NAT-T patch installed, the firewall (sonicwall) has been configured with the correct ports etc etc

I can connect form the client to the network with no problems over dialup. I can browse files etc etc but the problem lies with outlook. If I use Outlook offline sending mail is not a problem when i sync but it hangs receiving mail. I have tried Office 2000 SP3 and Office 2003 with the same result. Office 2003 shows gets to about 50 % receive but then hangs and invariably kills the connection

Name resolution is not an issue as I can ping the servers etc etc and as mentioned before

If I connect and do not work offline I do not have an issue but the company require we use offline

Any ideas out there ?

Dave
MCSE 2k CCNA

 

[Jonathan2004]

My 2 cents:

MS Windows XP/2003 L2TP is L2TP Over IPSec. So your issue seems the MTU problem in IPSec VPN environment.

When working offline, as soon as you sync, Outlook will try to send a lot of data at one time(maybe "Don't Fragment" bit set), then the sudden frame size(data plus IPSec overhead) exceeds 1500 which is the normal MTU setting for an Ethernet adapter.

If you can get a Protocol Analyzer, it's easier to grab the packet for analysis. Anyway, you can contact Microsoft to confirm the behavior of Outlook using offline mode first.

 

[mechamd]

Mnay thanks for your advice, I am having the same problems with a Windows 2000 Server setup to accept PPTP connections.

On my test laptop I have lowered the MTU rate but have the same problems ? odd that sometimes mail comes in but very rarely

Any other ideas would be greatly appreciated

 

[mechamd]

following on from earlier, any suggestions out there for MTU rates, best practices etc.