GHGIT
New Member
June 23, 2021
Question

Allow only inbound traffic from Microsoft o365 to hybrid Exch server?


Hello,

We are moving to a hybrid model for our Exchange system. The Exchange server that is going to be the link between on-prem and cloud has to have a public static IP address. Normally, when we allow traffic in from the outside to a server, we restrict the IP range that can enter by using an address group on the source portion of the IPv4 policy. If I am correct in my research at Microsoft, this is around 200 FQDNs, including some wildcards. Wildcards don't make sense in this use because you can't do a DNS lookup on a wildcard name - there could be an infinite number of subdomains. I'm sure I'm not the only Fortinet user with a hybrid model, so what do you suggest? I just hate the thought of opening up the server to the whole world.

Thanks for any help!
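
An added example, not part of the original post: it assumes the published endpoint list carries IP ranges (CIDR) alongside the hostnames, and sorts constructed sample entries into IPv4 ranges that can populate a FortiGate source address group and wildcard names that cannot. The entry layout, the sample names and ranges, the object names and the group name `m365-inbound-src` are all assumptions.

```python
import ipaddress

# Constructed sample in the shape of a published endpoint list (assumption):
# each entry may carry "urls" (FQDNs, some wildcarded) and "ips" (CIDR ranges).
SAMPLE_ENDPOINTS = [
    {"id": 1, "urls": ["mail.example.com", "*.mail.example.net"],
     "ips": ["192.0.2.0/24", "2001:db8::/32"]},
    {"id": 2, "urls": ["*.example.org", "autodiscover.example.com"],
     "ips": ["198.51.100.0/25", "192.0.2.0/24"]},
    {"id": 3, "urls": ["*.cdn.example.net"]},  # no IP ranges listed at all
]

def classify(endpoints):
    """Split entries into what can and cannot become a source address object."""
    cidrs, fqdns, wildcards = set(), set(), set()
    for entry in endpoints:
        for url in entry.get("urls", []):
            (wildcards if "*" in url else fqdns).add(url.lower())
        for net in entry.get("ips", []):
            # strict=True rejects ranges with host bits set (malformed input)
            cidrs.add(ipaddress.ip_network(net, strict=True))
    v4 = sorted(n for n in cidrs if n.version == 4)  # IPv4 policy only
    return v4, sorted(fqdns), sorted(wildcards)

def fortios_config(v4_nets, group="m365-inbound-src"):
    """Render IPv4 ranges as FortiOS address objects plus one address group."""
    names, lines = [], ["config firewall address"]
    for net in v4_nets:
        name = f"m365-{net.network_address}_{net.prefixlen}"
        names.append(name)
        lines += [f'    edit "{name}"',
                  f"        set subnet {net.network_address} {net.netmask}",
                  "    next"]
    lines += ["end", "config firewall addrgrp", f'    edit "{group}"',
              "        set member " + " ".join(f'"{n}"' for n in names),
              "    next", "end"]
    return "\n".join(lines)

if __name__ == "__main__":
    v4, fqdns, wildcards = classify(SAMPLE_ENDPOINTS)
    print(fortios_config(v4))
    print("# literal FQDNs (resolvable):", ", ".join(fqdns))
    print("# wildcards (no single DNS answer, unusable as a source):",
          ", ".join(wildcards))
```

Duplicate ranges across entries collapse into one address object, and the wildcard list is reported separately so it is visible which names the source restriction does not cover.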

 

    1 reply

    GrahamRollerson
    New Member
    October 27, 2021

    Hi GHGIT - did you ever get an answer to this? We have the same challenge, but I can't find anything (so far) on the Forti site detailing best practice on how to implement a solution.

    cheers

    Graham