Hello,
I want to connect to my Company's VPN and read my e-mails.
My Company uses a Nortel Contivity switch to which I successfully connected with Bluefire Mobile Security VPN v2.7.5, Build 706 (IKE=DES+MD5+DH1; IPsec=3DES+MD5+LZH+PFS; NAT traversal active), using a cellular HSDPA connection. Now comes the bad part: I cannot configure Outlook to use the Exchange server nor the IMAP or POP servers (I tried with Flexmail 4 but with the same results) - it always say that the servers are not accessible. As far as I could figure it out, it seems that after the tunneling is operational, Outlook or any other software still tries to access the internet through the cellular connection (I tried to traceroot some addresses and it ALWAYS goes through the cellular line (not the tunneled connection).
What would be the correct settings in my connection manager so I could access the my Company's Exchange / POP / IMAP servers after I setup the VPN manually with Bluefire?
Thanks a lot!
DO you work for VZ ?? i too would like to connect to my vpn network ... I spoke to our techsupport and advised that wasnt possible ...just for bllackberry ... which i found odd ... i would be interested tofind out how to also
TheAlphonso said:
Hello,
I want to connect to my Company's VPN and read my e-mails.
My Company uses a Nortel Contivity switch to which I successfully connected with Bluefire Mobile Security VPN v2.7.5, Build 706 (IKE=DES+MD5+DH1; IPsec=3DES+MD5+LZH+PFS; NAT traversal active), using a cellular HSDPA connection. Now comes the bad part: I cannot configure Outlook to use the Exchange server nor the IMAP or POP servers (I tried with Flexmail 4 but with the same results) - it always say that the servers are not accessible. As far as I could figure it out, it seems that after the tunneling is operational, Outlook or any other software still tries to access the internet through the cellular connection (I tried to traceroot some addresses and it ALWAYS goes through the cellular line (not the tunneled connection).
What would be the correct settings in my connection manager so I could access the my Company's Exchange / POP / IMAP servers after I setup the VPN manually with Bluefire?
Thanks a lot!
Click to expand...
Click to collapse
!!!up!!!!!
when you configure your email account dont you specify which internet connection it should try to use? so shouldnt youspecify that your work conection is he connection that it should use to check mail.?
Related
I've just set up a small wireless network at home through which I intend to use several devices to connect to the internet through my LAN!
The LAN gateway is running ISA 2004 and my home computer is running the necessary Firewall client (a completely secure connection with username and password)!
Now everything's working fine... the pocket pc hooks up just right and i can browse the network and do what I could probably do using my own personal computer BUT the internet doesn't work!
It keeps asking me for a username and password (which like i usually provide in internet explorer on my personal computer) which i do supply... three times in a row after which it gives me an error saying that ISA cannot authenticate me!
The home computer doesn;t run the internet without the firewall client, and i'm supposing the pocket pc is facing the same dilemma! is there any way to circumvent this issue? perhaps a mobile version of the isa firewall client?
Please help. Thanks!
afaik there isn't a mobile version of the firewall client.
I set my ISA server to allow anonymous internet access ,and set all my machines up as secure nat clients (set isa servers ip as default gateway, I use a dhcp scope to do this). There is lots of info on this on microsofts ISA server website, I'd suggest a look there first, or try a google for secure nat.
Good luck, works well for me but ymmv.
HI guys,
Does anyone know how to get a static IP address when using the GPRS connection to the internet. The reason being is because our corporate firewall has to recognise the device through it's IP. Is there any other possible methods for recognising the user?
Also does a VPN work well over GPRS and is there any extra configuration involved on the VPN server
Cheers
Any answers would be great.
Unfortunately there is no simple answer to your question. AFAIK you cant get a fixed ip on gprs, but if your using the right firewall and the right vpn host you dont need to.
I use and supply windows sbs 2003 servers and vpn into them regularly. I have also used citrix to achieve similar results. Might be a bit difficult to persuade your firms it dept to set up something like that for 1 person though.
PM me if youd like any advice.
BillyB said:
HI guys,
Does anyone know how to get a static IP address when using the GPRS connection to the internet. The reason being is because our corporate firewall has to recognise the device through it's IP. Is there any other possible methods for recognising the user?
Also does a VPN work well over GPRS and is there any extra configuration involved on the VPN server
Cheers
Any answers would be great.
Click to expand...
Click to collapse
Hello Billy,
You ask a good question, but the answer isn't simple. Most carriers do have two types of APN (Access Point Name) provision for your SIM: "private" APN (which provides a non-routable IP assignment from behind a NAT, for basic browsing and e-mail functionality) and "public" APN (that provides a routable IP assignment, which is the Minimum Requirement for a more sophisticated connection type, such as VPN, etc). However, both of them are assigned by a DHCP (Dynamic Host Configuration Protocol) Server on a GGSN (Gateway GPRS Support Node) of your particular GPRS network operator. In either case, the end result will obviously be a DYNAMIC IP address on your GPRS terminal (be it a laptop PC, a PDA, or phone)
Some carriers do offer what is called a "dedicated APN" provision, which gives the subscriber their own IP range to choose from (almost like a small subnet), but it is only available to corporate giants like Pepsi (for example).
Now, to sum it up, you must have the proper APN provisioned on your Mobile SIM account (which the provider will normally call something like a "VPN data package" in billing terms). Then, you must obviously establish a GPRS session before you can connect your VPN client (but remember that most basic VPN clients work the best). It is pretty sad to say, but Microsoft Windows-embedded VPN client on Win2k/XP Pro so far has performed the best with no quirks whatsoever. It has to be via PPTP...L2TP has also worked for me..otherwise, the fancier (and more secure) the VPN tunneling protocol, the more its likely to fail. Normally all you need for a basic MS WIndows VPN client config is the Server name (or IP address), the user name, and the password.
Hope this helps,
Let me know how it goes,
Alex
PS. PM me if you have further questions.
VPN and TS Its like pulling teeth
hi all this has got to be the most anoying problem ever. i can connect to O2 vpn access point and hence i can connect to my work vpn server. however as soon as i try to open a TS connection to my desktop (through the vpn) the VPN connection is dropped and i never connect. Can anybody tell me why? if i have a vpn connection to my work server why does TS try to make another connection and bomb out the original. Is there a fix or another way of doing this i.e. does a external IP have to be nat'd to my desktop IP on port 3389? all help greatly appreciated. Ian
Hi Guys,
I have got a problem connecting to any wifi network and accessing the internet. The problem is rather confusing beacause at home i can access the shared drives on my PC over wifi, and i can also download email messages into the messaging client, but the internet does not work?
Is it something to do with the DNS settings (or lack of DNS server) in the network cards screen, and if so does anyone have the DNS servers for O2 ( i know they start 193.x.x.x)
thanks
The O2 DNS servers are:
193.113.200.200
193.113.200.201
However, I have a feeling that's not what you need; you probably want to use the DNS servers from whoever provides you home internet connection (since that's how you're connect to the internet; not via 02)
good luck
Thanks, i've put those in and will see if they work again. It did work before i "accidentally" set it to automatic :? lol
Hi all,
my device (iMate Jasjar 1.13.53 WWE on WM5) syncs without problems through my office-pc with the exchange server standing at the office. This is a wired connection, working through ASync 4.1 (USB).
If I disconnect the USB-Cable, hence force the device to sync through another connection, it will try my GPRS-settings. The GPRS-settings work normal for Internet and eMail. After some time of trying I get the error 0x80072EE2 "The server could not be reached. This can be caused by temperary network conditions"
The server is working normal though.
Does anybody have some advice for a newbie (absolute no network specialist). My exchange server administrator is new to this as well. So if I would be able to read into this somewhere, or get some insider tips it would be very helpful and highly appreciated.
with kind regards,
Ruud Westerhout
how do you have the server name entered in the activesync settings?
are you using ssl?
has it ever syncronized w/o having it connected to pc?
does the exchange server have a public IP address?
thanks for fast reply,
as we are a little apart (time-wise) I am at home already and not able to answer all :
my server is at : mail.al????.ru
I was told to sync like :
Server address : mail
This server requires en encrypted (SSL) connection : NO
User name : the one I am allowed with to enter our network
Password : my usual password to enter our network
Domain : al????.ru
Save Password : YES
If there is a conflict : Keep items on my device
Event logging : Brief
With these settings like this, I was able to sync with the exchange server while connected through USB. ASync was getting a special allowence and the Microsoft Firewall Client was disable for it.
It has never been syncing wireless in any way, only USB, in the office.
I presume we have a public IP address, but I should counter ask my administrator about this.
If You have any ideas after reading this data, please shoot ;-)
The answer on IP I will add (or edit) tomorrow.
regards,
Ruud
yeah. it depends. if it is synching through USB, for me it is hard to tell if you are synching directly to the exchange server or to the workstation. if you have a mail profile setup on your machine and you are synching with activesync. on your desktop with activesync does it specifically show that it is synching with your exchange server? actually better yet if you run activesync the screen will tell you the last syncronizations. you will have an "Exchange Server" section and the last time it synched and probably a "Windows PC" section.
If your Exchange Server section has a synchronized time then your settings are correct. (The time should also be the same as your Windows PC time)
If it has something like Never synchronized or something other than a successful synchronization time, then those settings may not be correct or something is not right on the exchange server or network.
So if you do have a successful timestamp for the "Exchange Server" field, then everything on your device is good. The problem may be that either the exchange server does not have a public ip or a dns issue. (you can try to resolve the latter by putting in the IP of the server instead of the dns name in the server field for AS)
If it still doesn't work then it could be a firewall issue in front of where the exchange server sits.
Hi ccisn,
I actually am syncing with 3 different things. My Home-PC, my Office-PC and also the Exchange Server at the office. I get all synced and a correct time stamp with all, this works.
f.e. My contacts are synced with both Home-PC and Exchange Server (not the Office-PC anymore as this is not possible)
So I understand that the settings in my PDA are then correct and I should be searching for the problem in Server, Firewall, IP / DNS Settings.
I will try this idea of putting the IP though (as soon as I will get it tomorrow)
thanks for now,
Ruud
Update :
I inserted the fixed-IP our Exchange Server has into the address field and with this input the server did not even want to sync whilst I have a USB-ASync connection.
Question for my understanding :
Is the following a technical possible setup ?
-At home I connect through USB giving me access to my Home-PC and the internet. The PDA will sync with the home-PC and the exchange server which he will find through the internet.
-At home I connect through WiFi giving me access to the internet. The PDA will sync with the exchange server which he will find through the internet.
-At the office I connect through USB giving me access to my Office-PC and the exchange server. The PDA will sync with the Office-PC and the exchange server which he will find through the office network.
-On the road I connect with a GPRS- (or eventually UMTS-) connection which will give me access to the internet. The PDA will sync only with the exchange server which he will find through the GPRS-connection.
regards,
Ruud
I am sure the problem is, that you cannot sync over the public Adress with the Exchange Server, because there is only Port 25 for SMTP from the internet to the server, and this port is not for Outlook Connection and these things
No company ever had a Exchange all-open on the internet! try to sync within your local network and the internal-name of the server!
Well syncing within the Network works. If I connect with USB to the office-pc I can sync to both office-pc as well as exchange server.
Do I understand correctly that I can forget (not realistic) to sync wirelessly (GPRS, UMTS) while on the road ?
I just hoped that this way I could receive contacts / calender items from my secreatary on the road.
Ruud
The Exchange Server is open on your local network, thats why you can sync. But from the internet, there ist only mail access (and maybe a few other ports that the admins opened) to the exchange.
Talk to your admins, and ask if it's possible to connect with a VPN to your office. Over these VPN Connection you can sync with your exchange.
Ruud Westerhout said:
Update :
-At home I connect through USB giving me access to my Home-PC and the internet. The PDA will sync with the home-PC and the exchange server which he will find through the internet.
-At home I connect through WiFi giving me access to the internet. The PDA will sync with the exchange server which he will find through the internet.
-At the office I connect through USB giving me access to my Office-PC and the exchange server. The PDA will sync with the Office-PC and the exchange server which he will find through the office network.
-On the road I connect with a GPRS- (or eventually UMTS-) connection which will give me access to the internet. The PDA will sync only with the exchange server which he will find through the GPRS-connection.
Ruud
Click to expand...
Click to collapse
Yes to all of the above.
The vpn solution should work too if your environment supports PPTP connections. Most don't and only allow IPSec or L2TP connections which is a whole other mess to get to work on handheld devices.
As to the ports. It a little different for synching with Exchange. It only requires HTTP (80) or HTTPS (443).
If you can use Outlook Web Access then you can sync over the air with your phone. (Assuming that all the Mobile Sync settings are correctly set up on the Exchange server) Which in your case sounds like it is.
I want to use PPTP vpn connection to my work together with Remote Desktop (Teminal Service) application.
The PPTP vpn connection is established successfully.
From my work PC I can ping the pptp ip address of my PPC.
However if I switch to an application which would generate internet traffic (such as terminal services, internet explorer) my PPTP connection drops.
On my vpn server I get the logs and see the disconnect reason as "user requested)
What is the problem ?
Thanks...
hi,
I guess nobody has such experience with vpn connections.
where can I find information about this problem ?
thanks
Hi, I have the same problem more or less
see http://forum.xda-developers.com/showthread.php?t=291208
I have the same problem when trying to use Skype. My office also requires the use of a VPN (PPTP) when connecting via the wifi.
Skype connects, I can make calls, but the connection is dropped after 30s (the VPN is closed). Oddly enough, it I have the impression I prevent the VPN connection from dropping by using Pocket Internet Explorer at the same time (I have tried creating a website that automatically refreshes every 10s, but this didn't keep the VPN open). The Messaging client als shows odd VPN behaviour: it always closes the VPN, and opens it every time send/receive is selected.
I suspect not all programs keep the VPN open, even despite the fact that those programs are generating traffic over the connection.
Any hints or suggestions are greatly appreciated!
Jorg
(sorry, I can't edit posts in Opera Mini)
MarsRover: I have changed the AlwaysOn registry setting in the registry (in the folder of my work vpn). Ii appears to have changed the Messaging behaviour (but I need further testing to be sure). Tomorrow I'll see if it changed the Skype connection.
Thanks for the suggestion, if it works it ought to be put in the FAQ.
Jorg
Hi,
MarsRover,
I couldn't understand the solution. Can you explain ?
My situation is :
I am using Wifi connection to access internet. This connection is selected as my internet connection.
My pptp vpn connection is set under my Work connection.
So when I use the pptp connection I connect to Work over Internet.
But then it gets dropped if I open internet explorer.
If I set "*/*" to my intranet addresses, I have to connect to everywhere over my VPN connection. This is not good because I don't want to use VPN connection for Web browsing etc.
There must be another way ? Don't you think so ?
Btw, if I set AlwaysOn to "1" in registry , and then check it back after a connection is made, I see it is "0" again.
Hi
You do not have to redirect all traffic through the VPN you can pick and choose under settings>connections>advanced>exceptions just add the urls you need. ie so instead of */* use the specfic range ie 10.0.0.*/* or whatever range your work uses. One more issue however if the wirless ip range overlaps the internal VPN work range you may still have isssues. ie if your wireless ip address range is 10.0.0.x and your vpn range is 10.0.0.x then even if you add 10.0.0.*/* in the exceptions it may still try the wireless link rather than the vpn link for your TS etc. If you get my drift. There is a discussion on this here:
http://forum.xda-developers.com/archive/index.php/t-217422.html
Stephen
Thank you Stephen.
In fact, I am aware of how the exception list works. I can add the IP addresses which I want to reach via work vpn.
However, I still wish that there was a way to use VPN connection manually without using an exception list.
Isn't this possible ?
mrmrmrmr said:
.... This is not good because I don't want to use VPN connection for Web browsing etc....
Click to expand...
Click to collapse
This is good for me because I DO WANT to use VPN for all network access.
mrmrmrmr said:
Btw, if I set AlwaysOn to "1" in registry , and then check it back after a connection is made, I see it is "0" again.
Click to expand...
Click to collapse
It happens if you use settings->connections to view/change settings
hello...
i haven't a clue if this helps...
in my firm theres a cisco vpn connection... i search a long time for a programm that i can use with that vpn connection...
finally i find one... NCP Secure Client... works for me... maybe it helps you...
futureshock said:
hello...
finally i find one... NCP Secure Client... works for me... maybe it helps you...
Click to expand...
Click to collapse
where can I find it ?
does it connect to cisco vpn concentrator / ASA ?
there is also AnthaVPN from AnthaSoft but it's not very reliable.
PPTP
Bluefire seems to work fine with IPSec, but I need PPTP (IPSec requires NAT-T in most cases with GPRS/3G).