05-30-2023 02:57 PM
Hi, anytime we enable "web security" as recommended on the main dashboard of prisma access, MS Teams and outlook stop working. Outlook throws up certificate errors and teams refuses to connect. Upon investigation it looks as though the traffic is being decrypted and this is causing issues. We have put in bypass decryptions for the "worldwide 365 URL" and "worldwide 365 IP" lists in our network security decryption policy. However the logs clearly show this traffic is still being decrypted and breaking the application. It appears that the "web security" feature / policy later is overriding anything set at the network security layer with regards to encryption.
As soon as we disable "web security" the applications start working again. How should we configure the web security feature to bypass decryption for all M365 URLS and IP's?
Many thanks.
07-31-2023 01:19 AM
I am currently experiencing the same issue. I noticed that installing the Root CA allows decryption to work correctly,
but if I install Forward-Trust-CA, the same problem occurs.
07-31-2023 03:28 AM
Thanks for the reply folks - much appreciated.
In the end I did not enable split tunnel. What I did was create an EDL to the "M365 worldwide URLS" at https://saasedl.paloaltonetworks.com/feeds/m365/worldwide/any/all/url
Then under "web security" > "Global Decryption exclusions" > "bypass URL categories" I added in the External dynamic List.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
