[Openswan Users]
Help! - Unable to send email (exchange/mapi) with attachments from
remote (VPN connected) site using WinXP
Darius
dariusq2km at yahoo.com
Tue Apr 27 00:46:41 CEST 2004
Greetings,
We want to switch our remote office Win2K desktops to WinXP (Ok, ok - if
you are already jeering then please know that closed, proprietry OS's
are not my first choice either). Our remote offices use FreeSWAN (1.97
on RH 7.3) to get to an Exchange 5.5 server at our head office (where
Debian, RH and snapgear(linux/FreeSWAN) are used on servers, routers).
All Win2K/XP desktops are using Outlook 2000 (MAPI) to communicate with
Exchange.
Posting this problem here and expecting a soltion might be a longshot;
chances are this isn't a FreeSWAN config problem, but my testing
environment can't eliminate our FreeSWAN VPN setup from being part of
the problem at the moment. I'm hoping someone with a similar environment
will see this and have some constructive suggestions about how to fix
this problem, or diagnose the problem without replacing FreeSWAN with
another VPN product, or tell me that
WinXP/Outlook2K/Exchange5.5/FreeSWAN works for them !
Here's what I'm seeing ::
On Win2k systems at *remote* and *head* office - all features of Outlook
2000, (calendars, email, address books, offline storage OSTs etc.) seem
to work without problems.
On WinXP systems at *head* office - all features of Outlook 2000 also
seem to work without problems (same as Win2K).
On WinXP systems at *remote* office - all features of Outlook 2000 seem
to work without problems /EXCEPT, we can't send email with attachments./
I've made some captures (using ethereal) in an attempt to compare what
happens with Win2k Vs. WinXP when sending email with attachments from
the remote office;
- On Win2k the series of RPC/TCP interations seems very consistent and
predictable and it always works.
- On WinXP the series of RPC/TCP interations is also very consistent and
predictable, but very different from Win2K, and it never works.
Because of this I suspect XP's MAPI library (MAPI32.DLL ?) - Why would a
set of MAPI RPC calls made from a WinXP system succeed on a local subnet
but fail on a remote subnet? And why do an apparently different set of
MAPI RPC calls issue from a Win2k system and succeed on both local and
remote subnets?
Could WinXP's implementation of MAPI or RPC be expecting something that
is always present on the local network (eg. broadcasts) that are not
transmitted over the VPN? (It's very, very unlikely to have anything to
do with broadcasts, so please don't assume I think it does, or that this
is the problem. I'm just using it as an example of a difference between
local and remote networks).
I've been sweating over this for nearly a week now; any constructive
suggestions or descriptions of similiar problems/solutions would be very
much appreciated.
I'd just like to thank the FreeSWAN developers for providing such a
stable ipsec implementation (it's been running faultlessly here for
almost 3 years) and folks that create such high quality open and free
software such as linux and ethereal - all these people make a positive
qualitative difference to the experience of working in the IT support
business.
Kind Regards,
Darius
More information about the Users
mailing list