Conor Mulcahy

Azure to Checkpoint VPN

Discussion created by Conor Mulcahy on Jun 8, 2018
Latest reply on Dec 16, 2018 by Conor Mulcahy



Just wanted to start a conversation on an issue I'm having with an Azure Microsoft VPN site to site. The VPN tunnel never goes down and seems stable; we have a number of servers in the cloud and can always connect to them via RDP.


The problem is that when someone's domain account password resets, the Outlook client does not automatically pick up the password change and does not connect, with "update password" at the bottom of the screen.


What should happen is the Outlook client should go across the VPN tunnel to authenticate to an IP address which load balances to a number of Microsoft ADFS servers. The only way I can get it to work is to put a host entry on the PC to point at Azure via a public IP, which is the way it should work if you are outside of the LAN.


Once Outlook can talk back to Azure, I remove the host entry and everything works across the VPN tunnel until the password expires again.


All services are allowed across the VPN, and HTTPS inspection is enabled with probe bypass. Sometimes some of the admins get timeouts when trying to log on to the admin portal for Azure across the VPN. I've tried to bypass all security (AV, IPS, HTTPS etc.) for this traffic but nothing works.


It should work better across the VPN rather than going directly out to the internet. Anyone have similar problems with Azure? Love to hear, don't know how to start troubleshooting this. It all worked fine when we previously had a FortiGate firewall, but SSL inspection wasn't enabled. Anyone have any info, please share. We are running R80.10.