Technical Tip: Troubleshooting an Outlook connection issue
| Description | This article clarifies how to troubleshoot when Outlook shows disconnected. |
| Scope | FortiGate. |
| Solution | Autodiscover is a service used by Microsoft Outlook and other Exchange clients to automatically configure email profiles without requiring manual input from the user. It simplifies connectivity to mail servers and ensures that clients always connect to the correct endpoints. First, check for FortiGate event logs and forward logs to check if autodiscovery traffic is showing. Also perform nslookup for client machine to autodiscover.domain.com. Key Uses. Automatic Profile Configuration. Outlook uses Autodiscover to find mailbox server settings. Users only need to enter their email and password; all server, port, and protocol settings are retrieved automatically. CNAME and DNS Lookup. Autodiscover queries DNS for CNAME records like autodiscover.domain.com. These CNAMEs point to the actual Exchange or Microsoft 365 server. Ensures Outlook can locate the correct server even if IP addresses or server names change. PCAP Sample capture. DNS query Frame 9061: 87 bytes on wire (696 bits), 87 bytes captured (696 bits) on interface \Device\NPF_{54B5320D-083F-47A8-9D2B-4FEE212D0582}, id 0 Ethernet II, Src: Dell_91:ea:bb (8c:ec:4b:91:ea:bb), Dst: Fortinet_a9:88:e8 (90:6c:ac:a9:88:e8) Internet Protocol Version 4, Src: 172.14.15.111, Dst: 172.16.10.170 User Datagram Protocol, Src Port: 55320, Dst Port: 53 Domain Name System (query) Transaction ID: 0xa6c6 Flags: 0x0100 Standard query Questions: 1 Answer RRs: 0 Authority RRs: 0 Additional RRs: 0 Queries autodiscover.domain.com: type A, class IN Name: autodiscover.domain.com [Name Length: 27] [Label Count: 3] Type: A (1) (Host Address) Class: IN (0x0001) [Response In: 9114] DNS Response Frame 9114: 138 bytes on wire (1104 bits), 138 bytes captured (1104 bits) on interface \Device\NPF_{54B5320D-083F-47A8-9D2B-4FEE212D0582}, id 0 Ethernet II, Src: Fortinet_a9:88:e8 (90:6c:ac:a9:88:e8), Dst: Dell_91:ea:bb (8c:ec:4b:91:ea:bb) Internet Protocol Version 4, Src: 172.16.10.170, Dst: 172.14.15.111 User Datagram Protocol, Src Port: 53, Dst Port: 55320 Domain Name System (response) Transaction ID: 0xa6c6 Flags: 0x8580 Standard query response, No error Questions: 1 Answer RRs: 3 Authority RRs: 0 Additional RRs: 0 Queries autodiscover.domain.com: type A, class IN Name: autodiscover.domain.com [Name Length: 27] [Label Count: 3] Type: A (1) (Host Address) Class: IN (0x0001) Answers autodiscover.domain.com: type CNAME, class IN, cname mail.domain.com Name: autodiscover.domain.com Type: CNAME (5) (Canonical NAME for an alias) Class: IN (0x0001) Time to live: 60 (1 minute) Data length: 7 CNAME: mail.domain.com >> This is the CNAME record which is Exchange server domain mail.domain.com: type A, class IN, addr 172.16.10.148 Name: mail.domain.com Type: A (1) (Host Address) Class: IN (0x0001) Time to live: 60 (1 minute) Data length: 4 Address: 172.16.10.148 mail.domain.com: type A, class IN, addr 172.16.10.149 Name: mail.domain.com Type: A (1) (Host Address) Class: IN (0x0001) Time to live: 60 (1 minute) Data length: 4 Address: 172.16.10.149 [Request In: 9061] [Time: 0.060644400 seconds] After this, Outlook connects to the Exchange server depending on the port configuration. After getting this output, it needs to check if the CNAME domain is correct and get the correct IP address in A records. |