Office365 and Exhange Online

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Office365 and Exhange Online

L3 Networker

We are going to have a hybrid environment and need to allow some O365/Exchange traffic inbound from their cloud. They have a JSON list they publish. Can I use that as an EDL to allow the traffic inbound? Or do I need to filter that through something else?

5 REPLIES 5

Cyber Elite
Cyber Elite

Hello,

Microsoft give some ideas/examples on what you can do, however there is no direct edl that I know of. You can create your own using mindmeld.

https://docs.microsoft.com/en-us/office365/enterprise/office-365-ip-web-service

 

I'd be interested in which way you go and if it is successful or not.

 

Good luck,

I download the CSV version of the file on one of our Linux boxes, parse the file, and spit it out to a file on the webserver on the same Linux box.

 

This is then added as an EDL.

 

Rob

Not sure the formatting of this will come out ok.

 

Requires

Linux with

"bash" a common shell.

"webserver" (Apache but NginX would work)

"mutt" for mail

"wget" for fetching the list

 

This is running on a Debian release, there is a cron task to run it daily.

 

The same should be doable with windows and PowerShell + IIS

 

#########################################################
#                                                       #
# Office 365 External Dynamic List Updater              #
#                                                       #
#########################################################
#                                                       #
# Credits -- Robin Clayton                              #
# Date -- 28/11/2019                                    #
#                                                       #
#########################################################
#                                                       #
# #1 Get the CSV of IP's from Microsoft                 #
# #2 Get the IP V4 SUBNETS                              #
# #3 Count the number, Send the e-mail                  #
# #4 Update the EDL web file                            #
#                                                       #
#########################################################
#                                                       #
# Change Log                                            #
# DATE       TIME     INITIAL      CHANEGE SUMMARY      #
#########################################################
#                                                       #
#                                                       #
#########################################################
#                                                       #
#                                                       #
#########################################################
#!/bin/bash


cd /home/administrator/365
### Remove Temp File
rm -rf rawllist
### Get CSV list from Microsoft and output to file rawlist
wget "https://endpoints.office.com/endpoints/Worldwide?ServiceAreas=Exchange&format=CSV&ClientRequestId=d6bc355c-51ff-48f5-acb0-dd42baf76b88" -O rawlist
### parse file rawlist to find IPV4 subnets and output to file EDL
grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\/[0-9]\{1,2\}' rawlist > EDL
### Do a count of the number just for info.
IL=`wc -l EDL`
### Check for differences between last and current list.
DF=`diff EDL /var/www/html/of365edl.txt`
echo $IL

### if the file is not empty
if [ -s "EDL" ]
then
        ### Send an info E-Mail
        echo "We have $IL Subnets in todays External Dynamic List , /home/administrator/365/O365list" | mutt -e 'set realname=Office365EDL from=EDL@host1.local' -s "Office 365 External Lists Update" admin@org.co.uk
        ### Copy the list to the webserver folder
		cp IPL /var/www/html/of365edl.txt
### If the file is emty
else
        ### Send an info E-Mail        
        echo "The External IP file is blank, Not updating... /home/administrator/365/O365list" | mutt -e 'set realname=Office365EDL from=EDL@host.local' -s "Office 365 External Lists FAILURE" admin@org.co.uk
fi

 

Yeah code formatting not great!

L1 Bithead

Hi DPoppleton,

 

A few months ago, after the Office 365 deployment was completed in my organization, the same task popped up in my list. Having searched for quite a while, I couldn't find a relatively simple solution and MindMeld was considered an overkill for the setup and requirements at the time. So, I came up with my own solution, o365-json-to-flatfile-converter It's been running successfully and feeding my PAN FW's EDLs ever since.

URL: https://github.com/ivang-coder/o365-json-to-flatfile-converter.git

 

Try it out and see whether it fits the requirements. Would appreciate your feedback.

 

Cheers,

IvanG

  • 4048 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!