Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Labt
New Contributor

Policy for Office365 doesn't work

Hello,

I have a firwall policy that allows a network segment to communicate to Office 365 (Internet Service: Microsoft-Office365). In the Forward Traffic I can see "accepted" for the rule, but on my client nothing happens.

 

Firewall ist 101F with Firmware v7.2.5 build1517

Is the old firmware the reason?

 

THX

Labt

7 REPLIES 7
hbac
Staff
Staff

Hi @Labt,

 

Do you have any Security Profiles enabled in the firewall policy? If yes, please disable them for testing. Are you getting any error messages on the client? 

 

Regards, 

Labt
New Contributor

Hello,

 

I had this idea too, but it doesn't solved the problem.

 

I put destination and services to "all", then the policy worked. So in my opinion it can only be the Internet Service.

 

Labt

hbac

@Labt

 

It depends on which application you are using or which website you are trying to reach. The destination IP might not be included in the Internet Service.  

 

Regards, 

esalija
Staff
Staff

Hi @Labt 

Please check your destination IP at which Internet Service is part.

Below you will find the Microsoft Office365 list on the FortiGate:

Microsoft-Office365

Microsoft-Office365.Published

Microsoft-Office365.Published.Allow

Microsoft-Office365.Published.Optimize

Microsoft-Office365.Published.USGOV

 

Best regards,

Erlin

Labt
New Contributor

OK

I take Edge and try to open https://login.microsoftonline.com

As I started I had only Microsoft-Office365 as destination. I just added 

Microsoft-Office365.Published

Microsoft-Office365.Published.Allow

but the problem still exists, white screen in the Edge browser.

So where ist the problem??

In my opinion Fortinet has done mistakes in the internet service!

 

Labt

akushwaha
Staff
Staff

Hi@Labt,

++ Checked the ISDB entry for Microsoft ISDB and see if IPs are available for the ISDB or not.
++ If the entry is empty, then update the database by the given and check : exe update-now
++ Also refer to the below article regarding the different ISDB groups for Microsoft Office 365 :
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Different-Internet-Service-Database-groups...

Regards,
Abhimanyu

 

 

Labt
New Contributor

Hello,

 

solved!

 

The solution is to take the right selection of Internet Services. As I took 

Microsoft Office 365

Microsoft Outlook

Microsoft Skype Teams

Microsoft Azure

it worked. 

 

THX

Labt

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors