Split tunnel for O365

We have a setup with Peplink Balance routers in HQ and lots of branch offices. For security reasons all traffic (corporate and Internet) goes through a PepVPN tunnel to HQ. The Internet break out goes at HQ via a separate firewall. As we turn over to Office 365 (or Microsoft 365 as it is called now), we noticed that working in O365 at the overseas offices is sometimes a bit too slow. Therefore we want to allow a local break out for 0365. I believe that is possible entering lots of Outbound policy entries but as we have over 60 units, this will be a nightmare.

Is there a better way to solve this? Could I run a script? Is there maybe in a future FW an option to enable (or block) O365 like in outbound policies like the preset categories in Web blocking?

//Marco

1 Like

Do you think managing the Outbound policy by InControl2 meets your requirement? Please find the screenshot below.

Ensure you know all the related domains of Office 365 and read the tips below before you implement the outbound policy.

1 Like

Yes, it could be an option but still I realize it will be hundreds of entries with different URLs, IP addresses and ports which also need to be updated regularly. See Office 365 URLs and IP Addresses.

So, I am looking at a more automated method.

I move this to feature request and let the team to take consideration.

Thanks.

1 Like

That would be great. Microsoft have RSS feeds available to update the long list of URL and IP addresses so I hope these can be used for Peplink Balance products soon.

//Marco

Any news on this topic? Our overseas colleagues are pushing us to speed up O365.

@schenkies

Our engineering team has added this to the roadmap but I do not yet see an ETA for this feature. I am reaching out to request an update from the engineers.

3 Likes

hello @Zach_Tangen
any updates on this please?
I believe this is already included in firmware 8?

regards

@rocknolds

This is still in road-map feature, no detail ETA yet.

2 Likes

In firmware 8 there is the possibility to create an outbound policy based on application but I am still missing Microsoft Office 365. This function would really help us. Is there any update on this?

1 Like

Any update on this? I am about to deploy direct to net for O365 at 20 locations and this feature would sure help!!

1 Like

@ahammond and @schenkies

IC2 2.8.2 introduced outbound polices and firewall rules by a region or a Software-As-A-Service (Saas). This allow you to define the outbound policy & firewall rules base on the SaaS application like office 365.

Screenshots for the outbound policies base on SaaS:


5 Likes

Hi @sitloongs,
Coud we do outbound policy as SaaS by local configuration device without Incontrol?
Thanks.

@han.ho & @chung_vu

The Region & SaaS policy only available in IC2 as for now.

2 Likes