Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
IT_ZD
New Contributor II

Access to the Outlook365 mail server

Hello,

 

I hope everyone is doing well.

 
I have an isolated adreese to internet and I would like to open the flux only to the Office365 mailbox (App/Web access).
 
FGT200D
FortiOS : 5.2.7 Build718GA
 
Thank you in advance for your return.
 
Regards.
7 REPLIES 7
seshuganesh
Staff
Staff

Hi Team,

 

You need to create firewall policy to allow the traffic from that specific source IP address with destination as all the URLS and IP address mentioned in this website URL:

https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-world...

So that specific IP address will be able to access only these URL address

Please check and keep us posted

IT_ZD
New Contributor II

Hello Seshuganesh,

 

Thank  you for your return and information.

 

I will try and get back to you if needed

 

Thanks again for your great support.

 

Regards.

abarushka
Staff
Staff

Hello NEAHR,

FortiOS : 5.2.7 is very old and has already reached end of engineering support.

You may consider to configure to use ISDB. Please find more information about ISDB entry by following the link below:
https://www.fortiguard.com/encyclopedia/isdb/327880

FortiGate
IT_ZD
New Contributor II

Hello Abarushka,

 

Thank  you for your return and information.

 

Yes I know but the equipment is being replaced by a more performing Fortigate.

 

I'll follow the shared link and come back to you if needed.

 

Thx again for your great support.

 

Regards.

 

 

Muhammad_Haiqal

Hi NEAHR Mohamed. There are 2 ways to achieve this. 
1st - using Application Control. Only allow Office365 related applications.
2nd - using ISDB. Only allow IP address of Office365 related.

However, version 5.2.7 is already obsolete and no engineer support/signature will be release anymore. Signature keep changing from to time and i would suggest to upgrade the Fortigate to major version 6.2, 6.4 or 7.0. So you will have latest update on the signature  database to achieve your requirements effectively.

haiqal
IT_ZD

Hello Muhammad,

 

Thank  you for your return and information.

 

I will try and get back to you if needed

 

For the version of FortiOS yes I know but the equipment is being replaced by a more performing Fortigate and especially the support

 

Thanks again for your great support.

 

Regards.

IT_ZD
New Contributor II

Hello,

 

Sorry for my late return.

 

I hope you are all right.

 

Please, 

concerning the creation of the links to the microsoft servers I create them at which level :

- Addresses
- Services

Also, possible to copy and paste all ''FQDN IPV4 IPV6'' addresses on the same rule ? 

And for the indicated port I create it too ? or it is predefined. 

 

 

Outlook.PNG

 

Regards.

Top Kudoed Authors