This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Proxy Authentication Errors - Office 365

Hello Everyone,


Our organization deployed the Sophos UTM 9 Appliance this past October. We have been pleased overall with the platform. However, ever since the deployment we have encountered issues with Office 365. Specifically our users receive a Windows Authentication box when they open a 365 Application or while they are working in one. This happens almost every day, multiple times a day. Inputting on'es AD credentials does nothing, only canceling the resquet a few times hides the pop-up.

I have taken it up with Microsoft, and they like to think this is a result of our configuration.

Here is a snippet of the weblog:

2015:11:06-15:48:54 edge01-md01 httpproxy[6012]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="10.1..x.xxx" dstip="10.1.y.yyy" user="zdavis" ad_domain="XXXXXX" statuscode="500" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffItDeptExcep (IT Dept Exception Filter)" size="0" request="0xde766000" url="https://ourdomain.com/" referer="" error="Connection refused" authtime="49" dnstime="3" cattime="0" avscantime="0" fullreqtime="2039" device="0" auth="2" ua="" exceptions="" country="N/A"
2015:11:06-15:48:54 edge01-md01 httpproxy[6012]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.1.x.xxx" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2513" request="0xde76a000" url="https://ourdomain.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="69" device="0" auth="2" ua="" exceptions=""
2015:11:06-15:48:54 edge01-md01 httpproxy[6012]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.1.x.xxx" dstip="" user="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2513" request="0xdef67000" url="https://ourdomain.com/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="90" device="0" auth="2" ua="" exceptions=""

IP Addresses:

10.1.x.xxx (My Workstation)

10.1.y.yyy (Our Secondary DC + DNS Secondary)

Our UTM Appliance is running the Web proxy in Standard Mode.

The error seems to be that the proxy cannot find "ourdomain.com:443". Testing in Wireshark confirms this, as does Fiddler. I personally believe this is the Auto-discover functionality of Office, however, we don't really use Auto-discover because we have a local Exchange server.

Off the top of your heads can you think of what I might be missing? Is there any other line of investigation i could pursue. If there is any other information I can provide (aside from identifying info) please let me know.

Thanks,


Zach Davis



This thread was automatically locked due to age.