CFS is blocking connections to Microsoft Office 365 Outlook application

10/14/2021 978 People found this article helpful 136,156 Views

Download

Print

Share

• LinkedIn
• Twitter
• Facebook
• Email
• Copy URL The link has been copied to clipboard

Description

Company's Microsoft Exchange server in the network is hosted as Office 365 online services, when users try to access the mailbox, CFS doesn't allow connections to Microsoft Office 365 Outlook mailbox.

Resolution

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

In this case, we need to white list the domains which are supported by Microsoft Office 365 Outlook.

1. Click  Manage tab.
2. Navigate to Security Services | Content Filtering and make sure it is enabled and a CFS policy is applied.
   
   
   
3. On appropriate CFS policy, check the Profile associated (CFS Default Profile in this case).
4. Go to Objects | Content Filter Objects | CFS Profile Objects tab and edit the Profile above.
   
   
   
   
5. Click Create new URI List Object.
   
   
   
6.  In the URI list enter the each of the following domains and click Add.
   
   aadrm.com
   activedirectory.windowsazure.com
   glbdns.microsoft.com
   live.com
   lync.com
   microsoft.com
   microsoftonline.com
   microsoftonline-p.com
   microsoftonline-p.net
   microsoftonlineimages.com
   microsoftonlinesupport.net
   msecnd.net
   msocdn.com
   msn.com
   msn.co.jp
   msn.co.uk
   onmicrosoft.com
   office.com
   office.net
   office365.com
   officeapps.live.com
   outlook.com
   phonefactor.net
   Sharepoint.com
   Sharepointonline.com
   outlook.office365.com
   login.microsoftonline.com
   spoprod-a.akamaihd.net
   
   
7. Click OK in CFS policy configure window.
8. Click Accept in CFS settings.
   

How to Test:

Restart the Microsoft Outlook application and synchronize the mailbox.

Resolution for SonicOS 6.2 and Below

The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.

In this case, we need to white list the domains which are supported by Microsoft Office 365 Outlook.

1. Navigate to Network | Zones.
2. Make sure that, CFS is applied to appropriate Zone.
   
   
3. Navigate to Security Services | Content Filtering | Configure
   
   
   
   
4. On appropriate CFS policy, click Configure button on right (Office 365 Allow policy, in this case).
   
   
   
   
5. Click Custom List tab.
6.  In allowed domains section, enter the each of the following domains and click Add.
   
   aadrm.com
   activedirectory.windowsazure.com
   glbdns.microsoft.com
   live.com
   lync.com
   microsoft.com
   microsoftonline.com
   microsoftonline-p.com
   microsoftonline-p.net
   microsoftonlineimages.com
   microsoftonlinesupport.net
   msecnd.net
   msocdn.com
   msn.com
   msn.co.jp
   msn.co.uk
   onmicrosoft.com
   office.com
   office.net
   office365.com
   officeapps.live.com
   outlook.com
   phonefactor.net
   Sharepoint.com
   Sharepointonline.com
   outlook.office365.com
   login.microsoftonline.com
   spoprod-a.akamaihd.net
   
   
   
7. Navigate to Settings tab, select Source of Allowed Domains to Per Policy.
   
   
   
   
8. Click OK in CFS policy configure window.
9. Click Accept in CFS settings.
   

How to Test:

Restart the Microsoft Outlook application and synchronize the mailbox.

Related Articles

• How can I enable multicast support?
• Accessing resources across network using Point to Point link
• Unable to access the junk summary URL using TCP port 10080

Categories

• Firewalls > TZ Series > Content Filtering Service
• Firewalls > SonicWall SuperMassive 9000 Series > Content Filtering Service
• Firewalls > NSa Series > Content Filtering Service
• Firewalls > NSv Series > Content Filtering Service