Desktop Office apps unable to see Microsoft O365 people or resources

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Desktop Office apps unable to see Microsoft O365 people or resources

L1 Bithead

Hi,

Have two separate issues, but think they are connected by lack of firewall rule somewhere, cannot locate what I am missing thou..

Issue1:

When I try to use SHARE button inside desktop version of Word/Excel/PPoint to share document, cannot see anyone in drop down, cannot search for any users and in general it's not populating. I don't have that problem when trying to share document that is saved in any online location - all employees showing in 'share with' window.

Issue 2: 

I cannot connect to any of my PowerBI datasets located online from any desktop Excel. That is true for any user, on any computer, on any VLAN I have. When I select Get Data/from PowerBI, only thing that I can see is grey column with spinning wheel.

 

When users attempt to connect to same datasets from non-corporate devices, they can just fine.

 

We have converged Palo environment: GlobalProtect, VPN portals, Cortex, on-prem Palo firewalls. 

I am very new to Palo firewalls, just been on PAN-210 training course few days ago, so understand building blocks of security rules, but this is 'art' part of knowledge and I am not there yet.

Anyone had similar issue and can lead me to a app, service, combination of both that is responsible for communication with MS online resources from within Office apps?

Our Outlook and SharePoint online portals works perfectly fine, can get mails and access Intranet website without issue.

 

Regards

Robert

Regards
Robert Tryba
8 REPLIES 8

Cyber Elite
Cyber Elite

@RobertTryba,

Do you decrypt outbound traffic on your network? Have you enabled logging on the interzone-default security entry so that uncaught denied traffic is actually being recorded in the traffic logs? 

L0 Member

Similar issue that started today. My Office 365 would not complete MFA and it was because my firewall thought the dest IP was in China and was blocking the traffic. I have tried rolling back Applications and threats but that hasn't changed anything. I ended up disabling the geo rule until it gets patched. 

We are currently tracking an issue with this. Content update 8559 is causing outages, as geo-ip data is showing incorrect mappings. TAC is currently working on an advisory to customers, but, there are microsoft services and opendns resolvers in the problematic subnets: 

13.107.202.0-13.107.255.255
52.127.91.0-52.127.93.255
146.75.32.0-146.75.47.255
168.63.129.16 - 168.63.129.31
142.250.176.0 - 142.250.183.255
208.67.220.0 - 208.67.220.255

Please follow these instructions to revert below 8559 and see if that fixes your issue. 

Help the community! Add tags & mark solutions please.

L1 Bithead

Hi,

Still getting my head around Panorama's 'pre' and 'post' rules, 

We do have decrypt rule on outgoing traffic and we do have catch rule with logging enabled. 

Any specific events I should look for ?

 

Edit:

Just found we also have 'don't decrypt O365 traffic rule' in other part of Panorama, so back to beginnings. Any key terms I should look for in logs..?

Regards
Robert Tryba
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!