Looking for a means to monitor a users network connection

Question

One of my users has been complaining for the last few months about poor connectivity to our exchange server through our VPN. Everything seems to be connecting correctly but when he tries to use Outlook->Exchange the connection is sketchy at best. Sometimes he sees his email (caching and offline are turned off), sometimes he gets Exchange connection errors and sometimes it just sits there with an empty frozen outlook window. To work around the problem the user has to disconnect and connect, sometimes multiple times, from both the VPN and the Wireless connection.

Things I've tried. 1) I've replaced pretty much the entire network in the users house. New Cable modem from the provider, new cables, new router, new laptop. 2) I've tried using a wired instead of wireless connection to the users router with the same results. 3) I've updated the laptop to the latest VPN software and OS patches along with the latest firmware on the router. 4) I've gone over the router in the users home. I'm no wireless expert, but I have setup enough in my time to know what I am doing.
5) I've tested the laptop with 100% success connecting through our VPN from other random wired and wireless access points (Wireless tether on a smart phone, my home network, free wireless from a coffee shop.) 6) I've called and talked to the service provider. They claim there is nothing wrong. Typical...

My conclusion so far is that my users internet service has problems. I'm wondering if there is something I can run to test the connection between my users home network and the servers here at work. I am looking for a log I can show the ISP technicians to prove that they're wrong about nothing being wrong. Otherwise, I have no other ideas, this machine (along with all the other VPN user's machines) works and connects great while it's outside of this particular user's home network.

Any help would be greatly appreciated.

score 2 · Answer 1 · answered Apr 28 '11 at 14:02

2

Why not configure the client to use Outlook Anywhere (RPC over HTTP) instead of connecting via the VPN connection. That is afterall, what it's for.

http://office.microsoft.com/en-us/outlook-help/use-outlook-anywhere-to-connect-to-your-exchange-server-without-vpn-HP010102444.aspx

http://technet.microsoft.com/en-us/library/aa996922.aspx

answered Apr 28 '11 at 14:02

joeqwerty

108,377
6
80
171

Some organizations might consider that less secure. My company's parent organization did, anyway, and disabled RPC over HTTP, opting to allow Outlook to connect only while over the VPN or internal network. – Brenton Taylor Apr 28 '11 at 14:19
And with only SSL access enabled? – Zayne S Halsall Apr 28 '11 at 18:50

score 0 · Accepted Answer · answered Apr 28 '11 at 14:15

Honestly, there's a whole new set of complications when you throw "VPNs" into the mix. Everything from a simple gateway mis-match to MTU issues. Without going through the complexities, there's a few things you can look for. For connecting to exchange externally, it's usually simpler to just use ActiveSync or OMA... or even OWA... and skip the VPN entirely.

1) Do the subnets overlap? i.e. is the "home" network using 192.168.1.X and the remote LAN also using the same network subnet? If so, you can simply change the "home" subnet to another ip-block & you will probably see a lot of problems removed.

2) Have you checked the max packet size through the ISP & VPN separately? i.e.

ping -l 1500 your.exchange.ip.address

You may need to make the "-l size" parameter smaller until you find the allowed MTU... and adjust the network interface to match. There can be all sorts of problems when you hit the MTU and packets get silently dropped rather than fragmented. Some packets cannot be fragmented. If you're able to ping through your ISP with a 1492 MTU (to google or wherever), but nothing more... when you add the VPN overhead on top of that... you're looking at an even smaller MTU on the VPN interface (1476 if my math is correct). Any packets larger than that will get dropped.

3) What OS is this workstation running? XP sometimes has issues authenticating with domain-controllers over VPNs due to the "default" behavior of XP & Kerberos authentication. (by default XP uses UDP packets which have even more problems with the MTU. But there is a fix! http://support.microsoft.com/kb/244474)

4) Is he connecting over wireless? i.e. laptop -> vpn -> wireless -> router -> cable-modem -> ISP -> etc... That can cause several additional quirks that are very difficult to diagnose & fix. Try simplifying as much as possible... and see if that has better results (i.e. use a Ethernet cable rather than wireless).

... this is just a small sampling of some things that could be wrong. This is not a subject for the faint of heart to delve into.

score 0 · Answer 3 · answered Apr 28 '11 at 16:21

How about capturing the network traffic on the user's workstation. Windows XP includes the Network Monitor Capture Utility (Netcap.exe). Details at http://support.microsoft.com/kb/924037

The user can easily initiate it from the command line. It runs unobtrusively creating a file which you can then process. I have found it very useful in the past

Looking for a means to monitor a users network connection

3 Answers3