Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
615
Views
0
Helpful
4
Replies

MS-Outlook 2000 too slow in a PVN connection

p.lombardo
Level 1
Level 1

‎09-17-2004 06:19 AM

I've estabilished a VPN connection with a cisco PIX Firewall v.6.3.3 using Cisco VPN-Clinet 4.0.3.

All work fine ( telnet,ping,http,dns, netbios )but MS-Outlook 2003 sp-3 connecting to MS-Excange is very slow to start and often a timeout occur even on a broadband network.Using Outlook Express no problem at all.

Working on the lan all works fine.

MTU on the client have been decreased to 1300 and 576 without success.

Can you help me to isolate the problem ?

Labels:
0 Helpful
4 Replies 4

mostiguy
Level 6
Level 6

‎09-18-2004 08:09 AM

What type of connection is the vpn user using?

If you are using outlook 2003, you can try setting up cached mode when the user is in the office. That way the user has a copy of everything in their mailbox at the point in time on their machine - then when using the vpn, they are just retrieving new messages.

0 Helpful

ehirsel
Level 6
Level 6

‎09-19-2004 05:39 PM

I would run a capture on the firewall interface that leads to the exchange server, using one vpn client as the source address. Set the acl that defines interesting traffic like this:

access-l capture_acl01 permit ip host vpnclient any

access-l capture_acl01 permit any ip host vpnclient

Then clear you buffer logg, and let the client try to connect. Post the results of the trace here, and also post any relevant info in the logs. What I am looking for in the capture is if I can see where the delay is coming from (client or server). The log info may tell you if you are blocking some traffic that Outlook, but not OE needs to go thru.

0 Helpful

p.lombardo
Level 1
Level 1
In response to ehirsel

‎09-22-2004 08:37 AM

Already done !

I've seen a lot of traffic passing trough the Pix when lauching Outlook application, but I can not identify what. I've supposed, as read in another forum, the Outlook 2000 cache missing, but I don't undesrtand why we have the same waiting time with a slow connection ( modem 56K ) and a broadband connection ( adsl 256K ).

I've planned to decrease MTU on Server and VPN client and to try outlook 2003. Any other suggestion ?

0 Helpful

ehirsel
Level 6
Level 6
In response to p.lombardo

‎09-28-2004 04:41 PM

Can you post the log here? If possible, just have one vpn connection proceed thru, or at least id the client and the server, so that I can easily id the conversation.

If possible, post the log as is on the pix, if not you can converit to to SNIFFER or ethereal format as I have access to both.

Thanks, Ed Hirsel

0 Helpful
Customers Also Viewed These Support Documents