office 2021 activation blocked

Question

hello 
 I have an xg210 and im trying to allow the activation of office 2021 
 i added all the urls in the web exception , and gave allow all to a specific ip to test , still it is not working 
 nothing is shown as blocked in the logs 
 
 edit : when i install wireshark , it works ! 
 what can i check exactly ?

so i was able to pinpoint the internet status of office is related to the Network Connection Status Indicator (NCSI) of microsoft .. i am trying to allow access to the servers of NCSI for everyone in my subnet . i added them to the web exception but it didnt work .. should i have a firewall rule for everyone to allow access ( other than the initial deny rule ) ? shouldnt the exception work for everything ?? 
 please enlighten me

AstaroNBack · Answer

NCSI False "no internet" status 
 Microsoft NCSI is a Windows service that determines whether the computer is connected to the Internet. If it thinks you are not connected, (Even though your are) Office 365 apps will not permit SIGN IN or Activate. 
 Sophos Firewall whether transparent or used with proxy settings may interfere with the TCP settings and the problem will not be apparent in Sophos FW logs, believe me, VERY FRUSTRATING, and not necessarily Sophos fault, but related to using a Sophos product. 
 IMHO, Sophos Support Engineers should be aware of this possible issue and add it to their KB for customer support. 
 Office 365 Apps need to Activate when behind Sophos firewall (Transparent) 
 Root Article 
 https://learn.microsoft.com/en-us/answers/questions/59943/ncsi-false-34no-internet34-status.html 
 How to Disable - Fixes Windows Internet Status Indicator in task bar, so that Office will activate 
 https://social.technet.microsoft.com/Forums/lync/en-US/04cece81-3bd6-4f0d-9356-d26c2ffaa7ec/disable-ipv4-checksum-offload-from-command-or-script-on-windows-7?forum=w7itpronetworking 
 https://purepcs.co.uk/kb/microsoft-connection-test-ncsi-and-office-365/ - another article 
 
 QUICK FIX via windows GUI 
 OPEN Ethernet Adapter Settings, > CHANGE > CONFIGURE > ADVANCED 
 IPV4 CHECKSUM OFFLOAD --- Change value to DISABLED 
 Not all adapters will have this setting, but it worked on one of our computers. 
 
 Good Luck >

office 2021 activation blocked

Top Replies