Secureworks and O365

BGMRob Newbie ✭
edited October 2020 in Entry Level Firewalls

I have a TZ300 and have just signed up with Secureworks to monitor our O365 tenant. I've been with Secureworks for a year and have their CTA and iSensor appliances onsite. I recently migrated to O365 and would like to keep our email under Secureworks' watchful eye. As part of the implementation configuration I need to open up our CTA appliance on TCP/443 to 4 different destinations: manage.office.com, graph.windows.net, graph.microsoft.com, and reportingservice.activedirectory.windowsazure.com. I've attempted to follow the directions here: https://www.sonicwall.com/support/knowledge-base/how-can-i-enable-port-forwarding-and-allow-access-to-a-server-through-the-sonicwall/170503477349850/ but haven't had any success. I think I'm getting tripped up on the NAT Policy. Are there any clearer, simpler directions out there that will help me in doing this? I'm not a firewall guy by any stretch of the imagination.

Best Answers

  • CORRECT ANSWER
    shiprasahu93 Moderator
    Accepted Answer

    Hello @BGMRob,

    Welcome to SonicWall Community.

    Here are the access rule and NAT policy:

    Access rule:

    Action: Allow

    Source: Any (You can also create FQDN address objects for the URLs manage.office.com, graph.windows.net, graph.microsoft.com, and reportingservice.activedirectory.windowsazure.com, group them, and use them here)

    Destination: WAN address (Usually X1 IP)

    Service: HTTPS

    NAT policy:

    Original Source: Any

    Translated Source: Original

    Original Destination: WAN address (Usually X1 IP)

    Translated Destination: CTA appliance private IP

    Original Service: HTTPS

    Translated Service: Original

    Inbound Interface: WAN Interface (e.g., X1)

    Outbound Interface: Any

    You can use the public server wizard if you find that easier. It adds the access rule and the inbound, outbound and loopback NATs.

    I hope this helps!

    Thanks!

  • CORRECT ANSWER
    shiprasahu93 Moderator
    Accepted Answer

    Hello @BGMRob,

    Have you created a separate address group that contains the Microsoft URLs in question? If yes, please use that group in the source field of the access rule and also in the Original source field of the NAT rule.

    With that, it will forward the HTTPS traffic when being sent from those Microsoft URLs to the CTA and on all other occasions to the web server.

    I hope that helps!

    Thanks!
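
The source scoping described in the answer above, as an added example that is not part of the original thread and is not SonicWall code: a simplified Python model of inbound NAT selection showing which internal host receives HTTPS when the Original Source is Any versus the Microsoft address group. The addresses are constructed documentation-range values, and the "narrowest source wins" ordering is a modeling assumption.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values (documentation/private ranges) standing in for
# the resolved Microsoft FQDN group, the WAN (X1) IP and the internal hosts.
MICROSOFT_GROUP = [ipaddress.ip_network("198.51.100.0/28")]
ANY = [ipaddress.ip_network("0.0.0.0/0")]
WAN_IP, CTA_IP, WEB_SERVER_IP = "203.0.113.10", "192.168.10.50", "192.168.10.80"


@dataclass
class NatPolicy:
    name: str
    original_source: list        # list of ip_network objects
    original_destination: str    # WAN address
    original_service: int        # TCP port (443 = HTTPS)
    translated_destination: str  # internal host

    def matches(self, src, dst, port):
        addr = ipaddress.ip_address(src)
        return (dst == self.original_destination
                and port == self.original_service
                and any(addr in net for net in self.original_source))

    def specificity(self):
        # Assumption of this model: fewer source addresses = more specific.
        return sum(net.num_addresses for net in self.original_source)


def translate(policies, src, dst, port):
    """Return the internal host the connection is forwarded to, or None."""
    hits = [p for p in policies if p.matches(src, dst, port)]
    if not hits:
        return None
    return min(hits, key=NatPolicy.specificity).translated_destination


# First answer as written: Original Source Any, so every sender reaches the CTA.
OPEN = [NatPolicy("any-to-cta", ANY, WAN_IP, 443, CTA_IP)]
# Second answer: Microsoft group goes to the CTA, everyone else to the web server.
SCOPED = [NatPolicy("ms-to-cta", MICROSOFT_GROUP, WAN_IP, 443, CTA_IP),
          NatPolicy("any-to-web", ANY, WAN_IP, 443, WEB_SERVER_IP)]

if __name__ == "__main__":
    for label, policies in (("open", OPEN), ("scoped", SCOPED)):
        for src in ("198.51.100.5", "192.0.2.77"):
            print(label, src, "->", translate(policies, src, WAN_IP, 443))
```
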
