Thread Info
  • State Suggested Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 33 subscribers
  • Views 28982 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Communication with office 365 products

NicoVerheyen

Hi,

we experience serveral problems for our clients behind an XG firewall that are trying to comunicate with the microsoft services.

problems experienced:

- office-  (and some windows- ) updates not working.

- onedrive sync interruptions/new files not arriving after online update.

- outlook not receiving the latest mails spontaneously. Restarting outlook receives new mails.

 

By adding some lines in the Web Exceptions, I managed to solve the first 2 problems. there's a "Microsoft windows update" exception that I altered to:

^([A-Za-z0-9.-]*\.)?edgesuite\.net/
^([A-Za-z0-9.-]*\.)?microsoft\.com/
^([A-Za-z0-9.-]*\.)?office365\.com/
^([A-Za-z0-9.-]*\.)?office\.com/
^([A-Za-z0-9.-]*\.)?windowsupdate\.com/
 
only problem remaining is that new mails are not flowing in without restarting outlook. I'm experiencing this for several customers behind seperate XG firewalls.
 
does anyone have any sugestions please?


This thread was automatically locked due to age.
Parents
  • 0

    I now have disabled both web and application filtering (set to none) and the problem still persists. Looks like the client is still asuming the connection is active and that push notifications are not send to the client.

    The connection state for outlook 2016 is connected.

     

    Allthough i agree this could be a problem within outlook and/or office 365, i want to stress that I see this behaviour/problem on 2 seperate clients, with 2 seperate domains and online tenants. Only similarity is the presence of a sophos firewall. an XG115 and an XG210. Both on latest firmware.

     

    Then, i noticed these posts: 

    https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/sfos-v170-beta/f/sfos-v170-beta-feedback/95909/fw-log-could-not-assocate-packet-to-any-connection-when-ips-enabled

    https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/sfos-v170-beta/f/sfos-v170-beta-feedback/96650/numerous-could-not-associate-packet-to-any-connection-messages-in-the-firewall-log

     

    looking at the firewall log, i see similar patterns. traffic is denied, after seeing a similar trafic working several mintutes before.

    Time,Log Comp,Action,Username,Firewall Rule,In Interface ,Out Interface ,Source IP,Destination IP,Source Port,Destination Port,Protocol,Rule Type,Message ID,Live PCAP,Message,
    2018-04-25 11:29:56,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,65020,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 11:29:56,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,65020,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 11:29:25,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,65020,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 11:28:40,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,65020,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 11:28:05,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,65020,443,TCP,1,00001,Open PCAP,,
    2018-04-25 11:08:19,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64619,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 11:08:19,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64619,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 11:08:03,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,64619,443,TCP,1,00001,Open PCAP,,
    2018-04-25 10:56:05,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:55:20,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:54:35,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:53:50,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:53:05,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:52:20,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:51:35,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:50:50,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:50:05,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:49:20,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:48:35,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 10:48:00,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,64171,443,TCP,1,00001,Open PCAP,,
    2018-04-25 10:28:05,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,63823,443,TCP,1,00001,Open PCAP,,
    2018-04-25 09:37:47,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,62791,443,TCP,1,00001,Open PCAP,,
    2018-04-25 09:27:45,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,62600,443,TCP,1,00001,Open PCAP,,
    2018-04-25 09:07:41,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,62270,443,TCP,1,00001,Open PCAP,,
    2018-04-25 08:17:31,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,61192,443,TCP,1,00001,Open PCAP,,
    2018-04-25 08:15:34,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:14:49,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:14:04,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:13:19,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:12:34,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:11:49,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:11:04,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:10:19,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:09:34,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:08:49,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:08:04,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 08:07:29,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,61021,443,TCP,1,00001,Open PCAP,,
    2018-04-25 07:57:26,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,60857,443,TCP,1,00001,Open PCAP,,
    2018-04-25 07:37:21,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,60488,443,TCP,1,00001,Open PCAP,,
    2018-04-25 07:17:16,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,60153,443,TCP,1,00001,Open PCAP,,
    2018-04-25 06:35:08,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:34:23,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:33:38,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:32:53,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:32:08,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:31:23,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:30:38,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:29:53,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:29:08,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:28:23,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:27:38,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:27:03,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,59307,443,TCP,1,00001,Open PCAP,,
    2018-04-25 06:25:07,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:24:22,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:23:37,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:22:52,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:22:07,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:21:22,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:20:37,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:19:52,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:19:07,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:18:22,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:17:37,Invalid Traffic,Denied,,0,,,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,0,01001,Open PCAP,Could not associate packet to any connection.,
    2018-04-25 06:17:02,Firewall Rule,Allowed,,2,Lag10Gbit.2,Port2,192.168.0.60 ,104.225.98.130 ,59150,443,TCP,1,00001,Open PCAP,,
  • 0 in reply to NicoVerheyen

    I've now put an XG Home in my testlab and am experiencing the same problem. outlook to o365 issue. Push notifications are not comming in. therefor i need to restart my outlook to make te latest mails come in. So this is the 3 location with different OS, office version that has the same issue behind an up to date XG firewall.

  • 0 in reply to NicoVerheyen

    Ok, after talking to support i have confirmation that the webproxy of the XG is causing this issue. They send me a list of ~250 url exceptions to add. that's quite a lot, knowing we have quite some XG firewalls running.

     

    I compiled an import file to import the complete list to the Web -> exceptions list. (no existing will be touched, unless the have the same Name 'Office 365').
    Let me know if someone wants it.

     

    I'll come back and post results. No user feedback yet, but works in my lab.

Reply
  • 0 in reply to NicoVerheyen

    Ok, after talking to support i have confirmation that the webproxy of the XG is causing this issue. They send me a list of ~250 url exceptions to add. that's quite a lot, knowing we have quite some XG firewalls running.

     

    I compiled an import file to import the complete list to the Web -> exceptions list. (no existing will be touched, unless the have the same Name 'Office 365').
    Let me know if someone wants it.

     

    I'll come back and post results. No user feedback yet, but works in my lab.

Children
  • 0 in reply to NicoVerheyen

    would be great to get a copy of that import list.

    how is it going since you applied it?

    thanks

  • 0 in reply to NicoVerheyen

    Hello,

     

    I experience the same problem on Outlook connected to Office365 which not sync the latest mail after some inactivity time, untill we restart Outlook.

     

    Could you please send the import file with urls ? And the right way to import it in all of the XG's of my custommers without adding 1 by 1 the urls into the firewalls...

     

    Thank you ! 

  • 0 in reply to LuCar Toni

    Thats the list i am aware of. Unfortunately importing them is a long & tedious process especially with 30 + XG's out there. If you have any best practice or a guide on how to import this via SFM & API it would be much appreciated.

  • 0 in reply to Adam Rippon

    Hello everyone. my findings so far:

    - The problem is not resolved using theses exceptions (yet?)
    - XG115 cant handle a list longer then 120 lines in the web exceptions. not sure if it also applies to the scan engine, but the admin interface does not allow to add more than 120.
    - office updates and installations do not work persistent

    fyi: we run SFOS 17.0.6 MR-6 on 20isch firewalls going from xg105 up to xg210

    so, whats my procedure to add this looooong list: first, to get an example file, extract the current web filter exceptions:

    - go to 'Backup & Firmware' -> 'Import Export'
    - select 'Export Selective configuration'
    - in the list select 'WebFilterException' (use the search/autocomplete) and click apply
    - click export. A .tar will be downloaded.

    Then for editing the file I use 7zip and notepad++

    - open the tar in 7-zip
    - extract the 'Entities.xml' file to a location on you hd and open it with notepad++
    - From here, if you understand xml, you should be able to figure out how to edit a webfilter exception

    What I did:

    - I deleted all <WebfilterException> except for one.

    - I then started editing:

    <?xml version="1.0" encoding="UTF-8"?>
    <Configuration APIVersion="1700.1">
    <WebFilterException transactionid="">
    <Name>Office 365 part 1</Name>
    <Desc>Allow O365 communication part 1</Desc>
    <NewName>Office 365</NewName>
    <Enabled>on</Enabled>
    <HttpsDecrypt>on</HttpsDecrypt>
    <VirusScan>on</VirusScan>
    <PolicyCheck>on</PolicyCheck>
    <EnableSrcIP>no</EnableSrcIP>
    <EnableDstIP>no</EnableDstIP>
    <EnableURLRegex>yes</EnableURLRegex>
    <EnableWebCat>no</EnableWebCat>
        <DomainList>
           <URLRegex>^([A-Za-z0-9.-]*\.)?office\.com/</URLRegex>
            ....
           </DomainList>
      </WebFilterException>
    </Configuration>

     So, you paste the complete list you have at the spot of the ....
    Then you start to do a string replace in the editor. for example:
    - replace all '^([A-Za-z0-9.-]' by '<URLRegex>^([A-Za-z0-9.-]' (without the quotes)
    - replace all '/' by '/</URLRegex>' (without the quotes, carefull with this one, do it step by step as there are long url's in the list that should not be altered)

    Well, you get the picture, make sure the xml is correctly completed. you should get something like:

    <?xml version="1.0" encoding="UTF-8"?>
    <Configuration APIVersion="1700.1">
    <WebFilterException transactionid="">
    <Name>Office 365 part 3</Name>
    <Desc>Allow O365 communication part 3</Desc>
    <NewName>Office 365</NewName>
    <Enabled>on</Enabled>
    <HttpsDecrypt>on</HttpsDecrypt>
    <VirusScan>on</VirusScan>
    <PolicyCheck>on</PolicyCheck>
    <EnableSrcIP>no</EnableSrcIP>
    <EnableDstIP>no</EnableDstIP>
    <EnableURLRegex>yes</EnableURLRegex>
    <EnableWebCat>no</EnableWebCat>
    <DomainList>
    <URLRegex>^([A-Za-z0-9.-]*\.)?ssdesktopbuild\.blob\.core\.windows\.net/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?s-0001\.s-msedge\.net/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?s-0002\.s-msedge\.net/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?scsquery-ss-us\.trafficmanager\.net/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?scsquery-ss-eu\.trafficmanager\.net/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?scsquery-ss-asia\.trafficmanager\.net/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?giphy\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?latest-swx\.cdn\.skype\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?a\.config\.skype\.comb\.config\.skype\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?testconnectivity\.microsoft\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?client\.hip\.live\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?wu\.client\.hip\.live\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?support\.microsoft\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?activation\.sls\.microsoft\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?65\.52\.98\.231:443/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?crl\.microsoft\.com/x&gt;pki/&gt;crl/&gt;products/ex&gt;MicrosoftProductSecureServer.crl</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?157\.55:443/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?crl\.microsoft\.com/pki/crl/products/MicrosoftRootAuthority.crl</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?157\.55\.160\.109:443/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?crl\.microsoft\.com/pki/crl/products/MicrosoftProductSecureCommunicationsPCA.crl</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?157\.55\.192\.81/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?www\.microsoft\.com/pki/crl/products/MicrosoftProductSecureCommunicationsPCA.crl</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?168\.62/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?ols\.officeapps\.live\.com/olsc</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?officecdn\.microsoft\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?go\.microsoft\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?office15client\.microsoft\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?sls\.microsoft\.com/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?52\.230\.10\.183/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?52\.109\.124\.24/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?13\.107\.21\.200/</URLRegex>
    <URLRegex>^([A-Za-z0-9.-]*\.)?207\.46\.194\.14/</URLRegex>
    </DomainList>
    </WebFilterException>
    </Configuration>

    i created multiple webfilterException blocks as i had to split the long list because of the 120 limit. I also added some extra ip's in the list as i saw issues on these ip's in the logs

    Ok, when done, safe the xml file in the original location. Drag it back into the tar file that you still have open with 7zip and import it back into your firewall (use a sophos home in you lab to test your import!!)

    to end, my complete config as it is now: www.dropbox.com/.../AAASPyHbQEoSPgJ35-frOsEva

  • 0 in reply to NicoVerheyen

    So, this morning I've talked to Sophos support again. (Thanks Arkita)

    We've did some more changes in the config file wich seems to run ok for now. Will provide more feedback later for other test location.

    https://www.dropbox.com/s/io15lxbl8r3xlr5/API-o365-sophos.tar?dl=0

  • 0 in reply to NicoVerheyen

    Hello,

     

    Thank you for your config file.

     

    Let us know if this config works for you now, then I will apply it on all of the XG's I manage.

  • 0 in reply to NicoVerheyen

    Hi Nico,

     

    I have been trying for two days now to import a .tar file.  Everytime is comes up and says it cant import because it only accepts .tar format.  I am so mad i want to punch the screen because that is exactly the format i am using.

  • 0 in reply to Charles Johnson

    Charles, 

    not sure what exactly you are trying, but there's a tar attached in my last post, does that one work?

    if you want to make your own config, use 7zip, extract by dragging the file out the 7zip. Alter the file and drag it back in. 7zip will ask to update, click yes.

    N.

  • 0 in reply to VikenNajarian

    Sadly this has not resolved the problem. Allthough it doesn't happen as often, still connections between outlook and exchange are dropped. Also i have reports of some updates (office and windows) don't download and some microsoft websites not responding to 'save' actions (posts). For example the bookings tool from microsoft.