I have an xg210 and im trying to allow the activation of office 2021
i added all the urls in the web exception , and gave allow all to a specific ip to test , still it is not working
nothing is shown as blocked in the logs
edit : when i install wireshark , it works !
what can i check exactly ?
so i was able to pinpoint the internet status of office is related to the Network Connection Status Indicator (NCSI) of microsoft .. i am trying to allow access to the servers of NCSI for everyone in my subnet . i added them to the web exception but it didnt work .. should i have a firewall rule for everyone to allow access ( other than the initial deny rule ) ? shouldnt the exception work for everything ??
please enlighten me
Hello TarekHalloun,Thank you for reaching out to the community, you may refer the following article below: Configure web exceptions for Office 365: https://support.sophos.com/support/s/article/KB-000038173?language=en_US
Thanks & Regards,_______________________________________________________________
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.
i added the exceptions and it works if i have allow all
other users with some limitations are still block , as if the exception did not work
Can you perform a packet capture to see from which rule the traffic passes through when it does not work !!
the connection to microsoft passes through the correct rule related to the user's ip , it shows as green with no blocking
And if you add a FW rule into the IPS exception: Bypass a specific firewall rule for Application Classification and ATP: https://support.sophos.com/support/s/article/KB-000038900?language=en_USSee if this helps !!
what does this do ?
it will Bypass a specific firewall rule for Application Classification and ATP
but then all the restrictions i made on this rule will not work .. not a good solution
It was just to confirm whether that works or not, and if that works then support can help you investigate further in that direction !!
how can i select which rule to disable the atp?i see the command : set ips ac_atp exception fwrules 1,2.
set ips ac_atp exception fwrules 1,2
is 1,2 the rule number ?
That's correct in your case the rule no is 7 so the command will be as follows: set ips ac_atp exception fwrules 7