none
Outlook 2010 client can not connect over VPN to Exchange 2010

    Question

  • On of our clients can not connect to Exchange 2010 over VPN

    - Client: Outlook 2010 / Server Exchange 2010 all roles installed on 1 server.

    - Other Clients does not have this problem

    Tests already performed:

    - ping ip / dns name / fqdn exchange server works

    - telnet 25 ip / dns name / fqdn exchange server works

    - new profile added, name can not be resolved.

    Any other ideas how to solve this?

    Best regards,

    Kenny

    Wednesday, July 27, 2011 11:47 AM

All replies

  • Hi

    How you configured the outlook profile? is that outlook profile configured using Auto Discover and now its throwing error?

    or w hile configure the outlook profile manually, you are getting this error?

    If you get this error while configuring the outlook profile manually. on the server page, enter the fully qualified domain name "exchange2010.domainname.com" as he server name and try to configure the profile.

    Also try to check by entering the user account which got configured on other machine. if it is configuring properly then there is some problem in this account. for the which is not configuring, check whether the account is set to hide from address list in exchange server

    Inform if any issue

    Thursday, July 28, 2011 11:28 AM
  • Configuring a new profile with FQDN doesn't help client keeps complaining about the name cannot be resolved, while the client connected over vpn can ping the name and FQDN of the server.

    Configuring the mailbox on another device works smoothly, so problem in client install related.

    I think I will reinstall outlook my last resort

    No DNS issues, no hidden accounts, profile recreated ...

    Thursday, July 28, 2011 3:01 PM
  • Hi Kenny,

    Here is my understanding of your issue: users connect to Exchange 2010 without any issues within company network. When a user tries through VPN outside the company, the client cannot connect.

    Can you tell what VPN the client is using? PPTP? SSL-VPN? or something else... Is the DHCP IP you get when connect through VPN in the same subnet as your Exchange server? If not, it is very likely a firewall issue.

    You mentioned you have tested port 25 with Telnet. Have you tried other ports with Telnet? The ports you need to have open are listed in this document. http://technet.microsoft.com/en-us/library/bb331973.aspx The one Outlook uses is RPC (TCP 135)

    You can quickly test the port by a command like below:

    telnet contoso-cas01  135

    If you get a black screen with a cursor, this means the port is open. If the command returns "Could not connect to hsot on port 135" then you got a firewall between your Exchange server and client. You need to check the firewall and open the ports.

    Friday, July 29, 2011 5:48 AM
  • Hi,

    If outlook anywhere is enabled on your exchange server, please configure the outlook to connect the exchange server by using RPC over HTTP. Please ensure that the 443 or 80 port are be opened for the VPN clients.

    By default, outlook use RPC MAPI protocol to connect to exchange server. It required the 135 port and many random port ( (6005-59530) ) to be opened. More information:

     

    http://social.technet.microsoft.com/wiki/contents/articles/configure-static-rpc-ports-on-an-exchange-2010-client-access-server.aspx

     

     

    Friday, July 29, 2011 10:35 AM
  • Maybe my explanation was not totally correct.

    Every user can connect to Exchange over a PPTP VPN, except one user. It's definitely a client problem. I am looking now for a tool to reset the total TCP/IP stack of this client. It seems the client is not able to register his dns name into dns even when I try to force with ipconfig /registerdns.

    Friday, July 29, 2011 1:15 PM
  • Time to use the Hosts file I guess... Just add the Exchange DNS and IP in the file see how you go...
    Monday, August 01, 2011 12:20 AM
  • I now have the same problem for my own on a fresh install of Outlook 2010.

    Trying to setup my client over VPN to Exchange 2010

    Message The action cannot be completed. The connection to MS Exchange is unavailable. Outlook must be online or connected to complete this action.

    I even set the encryption on the Exchange Server to false .... Set-RpcClientAccess –Server myexchangeserver –EncryptionRequired $False

    but this doesn't help

    Any other ideas ?

     

    Sunday, December 04, 2011 10:36 AM
  • In some scenarios this could be a NAT problem. Have seen this issue several times when users from an office location tries to connect to Exchange with VPN. It could help to configure the firewall rules so that the client keeps the original ip-adress and not given an new alternate adress on the firewall backbone interface.

    Kind Regard

    Geir Atle Paulsen

    Lead Architect - Infrastructure

    Wednesday, June 13, 2012 11:19 AM
  • Check to see if the user has put Outlook in their startup folder.  I've had some user who do that and when they startup at home stop it from starting up, connect to the vpn then start outlook.
    Friday, August 02, 2013 12:44 PM