Access from dynamic Office 365 URLs to internal ressources

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Access from dynamic Office 365 URLs to internal ressources

L0 Member

Hello,

Im using minemeld to get the dynamic address (URLs, IPs) from office 365.

 

If there are IP addresses, this works without problems via the EDL. In this case the EDL replace the source object.

What about addresses that have a wildcard in the URL? These EDLs cannot be selected from the source object and must be saved using the URL pattern filter. In order to allow an access from the Internet from any "*.mircosoft.com" or just "microsoft.com" do I have to set the source ip-address  to "Any" and set all categories except the EDL to block?

 

How do you allow access from the Internet via URLs?

 

 

1 REPLY 1

Cyber Elite
Cyber Elite

Hello,

So yes, you should have two policies. One for destination IP's and one for URL filtering. The firewall reads policies top to bottom and left to right. Meaning everything in the policy has to match before the firewall will use that policy.

 

i.e. if you have a policy that has a destination ip of 1.1.1.1 and a url filter to only allow google.com, the firewall will not use it since not all values are matched in the policy.

 

Hope that helps.

  • 2951 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!