SSL Inspection - Office 365

Forum|Forum|10 years ago
March 15, 2016
2 replies
17414 views

Hi all,

I am trying to get Office 365 to work on site behind a Fortigate 50E. Unfortunately I'm having a lot of trouble.

I found this document: http://cookbook.fortinet.com/exempting-google-ssl-inspection/

I was able to translate that into 5.4 and create the addresses that should be used by Office 365, but it still isn't working. When I look at the IP4 policy, it appears to just be doing SSL Certificate Inspection. Do the exceptions I put into the Deep Inspection apply to SSL Certificate Inspection as well? Because that is very not clear. And if not, how do I exempt sites from SSL Certificate Inspection?

Thanks!

dansealsAuthor

New Member

This was actually being blocked in Webfiltering because the autodiscover.domain.com was unrated, which was set to block by default. I created an exception for it and changed the category from unrated to business IT use, and it now works.

Thanks!

SamuelMartin

New Member

From a web browser point of view, Office 365 Trial is just like any other web app. With SSL Decryption enabled, all the Software Blades you've enabled should work (including AV).

bartman10

New Member

I was about to say I had no issue with SSL inspection on O365 other than needing to exempt Lync traffic because Lync knows what the SSL cert should be and refuses to work if you monkey with it.

But I allow unrated because of what seemed like never ending issues with sites that are not rated... but perhaps I should revisit my decision..

Oh silly me.. I forgot SSL inspection offload is broken on my 300C in 5.2.6 and Fortinet has no idea why.. After a month support just figured out they changed the way SSL offload is done in 5.2.6 and that's why these 2 offload sub-processes are not spawning on my device.. so it's back to the drawing board for support to now figure out why it's still not working.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded