Firewall prevents users from using Office 365 services from rich clients

SYMPTOMS

In a Microsoft Office 365 environment, one or more of the following issues occur:

Users cannot use Microsoft Online Services Directory Synchronization.

Users cannot use any of the following rich clients in Office 365:

Microsoft Outlook

Microsoft Lync 2010

Office Professional Plus Subscription

Office Applications

Administrators cannot use the Microsoft Online Services Module for Windows PowerShell.

CAUSE

These issues may occur if a proxy server or a firewall requires local authentication.

RESOLUTION

To resolve these issues, configure an exception for Microsoft Online URLs and applications from the authentication proxy.

Microsoft Internet Security and Acceleration Server (ISA) 2006

To resolve this issue for ISA Server 2006, create an "allow" rule that meets the following criteria:

Allow outbound connections to the following destination: *.microsoftonline.com

Allow outbound connections to the following destination: *.microsoftonline-p.com

Allow outbound connections to the following destination: *.sharepoint.com

Allow outbound connections to the following destination: *.outlook.com

Allow outbound connections to the following destination: *.lync.com

Allow outbound connections to the following destination: osub.microsoft.com

Ports 80/443

Protocols TCP and HTTPS

Rule must apply to all users

HTTPS/SSL time-out set to 8 hours

Note These settings are highly recommended.

MORE INFORMATION

For more information about how to configure ISA Server 2006 firewall rules, visit the following Microsoft website:

http://technet.microsoft.com/en-us/library/cc539142.aspx

Be aware that the same rule concepts can be applied to other firewalls.

Note Your firewall server may require the firewall client to be installed on users' computers.

 

APPLY TO

  • Microsoft Office 365 for enterprises
  • Microsoft Office 365 for small businesses