A variation of this question was asked last September with no solution. I would like to expand the question and I have opened a case online regarding it.
I have been forced to disconnect our VM Web Appliance due to the following issues:
- It prevents FedEx Shipping Manager Software from communicating with its servers
- It prevents our postage PC from communicating with its servers
- It prevents Office 365 Clients from activating their licenses.
All http and https traffic is routed through the virtual web appliance. These issues started soon thereafter. Disconnecting the web appliance from the network allowed our Sonicwall firewall to bypass it and these items all started working again.
Putting domain names like fedex.com in the globally allowed domains section of the web appliance still prevented communication with the fedex servers.
Here is some information from fedex:
2.Port 443 must be open. FSM communicates to the FedEx tunnel server on 443. Connections to other websites may use port 80 (standard) or 443 (secure).
3.The DNS address and port of Tunnel Gateway Server is: cafegip.ts.dmz.fedex.com:443
IP addresses for the tunnel server cluster are:
199.81.216.140 (sni-vip3.dmz.fedex.com)
199.81.216.60 (sni-vip4.dmz.fedex.com )
204.135.8.17 (sni-vip5.dmz.fedex.com)
204.135.8.16 (sni-vip6.dmz.fedex.com)
Note: All addresses use port 443. Customers firewall must be open for these IP’s for SSL traffic over port 443..
Note: Subnet mask is 255.255.255.0..
For Office 365, this site: ols.officeapps.live.com/.../OlsClient.svc must be contacted by the client. The web appliance interferes with that.
Please advise on workarounds other than turning the entire unit off.
This thread was automatically locked due to age.