Problems with ms lync / url filtering

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Problems with ms lync / url filtering

L2 Linker

Hi all,

I am trying to get lync2013 working, and more specifically Skype for Business, successor of Lync. I have Lync 2013 completely working, but I would like to permit all the wildcards permitted through url filtering, linked to a number of applications as Stun, ssl, mslync,... After this rule , there are also other url filtering rules, for example for all other users, going to internet.

The list I am talking about is :

*.microsoftonline.com

*.microsoftonline-p.com

*.onmicrosoft.com

*.sharepoint.com

*.outlook.com

*.lync.com

*.verisign.com

*.verisign.net

*.public-trust.com

sa.symcb.com

I tried with security profile, with an allowed url_categorie, for ex. 'Microsoft permitted sites'  with the wildcards in, but problem is that in that case, I have to block all categories, otherwise all categories are permitted. Blocking is also no option, since then users can only go to the defined sites and nothing else. Anybody an idea ?

thanks

3 REPLIES 3

L5 Sessionator

Hello,

Create security policy with with your custom categories in the service column instead of applying as security profile.

Regards,

Hari Yadavalli

Thanks Hyadavall, but I tried that. What I did was creating custom url_categorie, and put here all the *.microsoft sites in it. This category I applied in the rule and added as url category in the policy. I don't think I can add a customer url category as service, like you said. Problem is that not only the traffic to the microsoft sites seems to be allowed, but also all the traffic going to untrust, which has no url category, and translated as any. 23.101.14.229 is ip of a newspaper.

greetz,

Johan

For SSL sites you will need to enable decryption to read the url and apply any url filtering policy.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
  • 4574 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!