For the last couple of weeks we are running into an interesting issue with our Office365 EDL's. We pull the Office365 API based IP/URL list into Panorama using MineMeld. This process is working perfectly. We have compared the output within MineMeld against the EDL on our firewall and they are identical. For some reason I am seeing multiple connections being blocked to IPv4 ranges that are contained in the EDL. This is occurring on multiple protocols, STUN, SSL, etc... affecting Skype For Business for a number of users. Now, what is odd, is that I can fix this issue if I take the IP range from the EDL present on the firewall and create a network object for it and place it in the same exact rule. So this tells me that the problem is with the firewall using objects in this specific EDL. The EDL has 184 different IPs or IP ranges in it. We are running 8.1.4 on all firewalls. Has anyone else run into this issue? Thank you in advance!
Here is the IP range: 184.108.40.206-220.127.116.11 The app affected is Skype.
Like I mentioned earlier I can clearly see the IP range on the firewall contained within the EDL but the traffic is still getting denied by policy to this specific range. Once I add an IP range Object for it to the same rule it starts matching and the traffic is allowed. I haven't checked to see if there are other ranges in the EDL being denied, so I will check that this morning and report back.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!