Split tunnel for O365


#1

We have a setup with Peplink Balance routers in HQ and lots of branch offices. For security reasons all traffic (corporate and Internet) goes through a PepVPN tunnel to HQ. The Internet break out goes at HQ via a separate firewall. As we turn over to Office 365 (or Microsoft 365 as it is called now), we noticed that working in O365 at the overseas offices is sometimes a bit too slow. Therefore we want to allow a local break out for 0365. I believe that is possible entering lots of Outbound policy entries but as we have over 60 units, this will be a nightmare.

Is there a better way to solve this? Could I run a script? Is there maybe in a future FW an option to enable (or block) O365 like in outbound policies like the preset categories in Web blocking?

//Marco


#2

Do you think managing the Outbound policy by InControl2 meets your requirement? Please find the screenshot below.

Ensure you know all the related domains of Office 365 and read the tips below before you implement the outbound policy.


#3

Yes, it could be an option but still I realize it will be hundreds of entries with different URLs, IP addresses and ports which also need to be updated regularly. See Office 365 URLs and IP Addresses.

So, I am looking at a more automated method.


#4

I move this to feature request and let the team to take consideration.

Thanks.


#6

That would be great. Microsoft have RSS feeds available to update the long list of URL and IP addresses so I hope these can be used for Peplink Balance products soon.

//Marco


#7

Any news on this topic? Our overseas colleagues are pushing us to speed up O365.


#9

@schenkies

Our engineering team has added this to the roadmap but I do not yet see an ETA for this feature. I am reaching out to request an update from the engineers.