03-13-2019 04:01 PM - edited 02-21-2020 08:56 AM
Hi All,
I am new to working on Cisco Firepower and was looking for guidance on the following:
I need to create an access rule to allow access to the Office 365 services.
I have all of the domain names required to add to the rule e.g. *.office.com, *.sharepointonline.com but i am unable to find how to create an object that can encompass this.
I can create a network object using an IP address.
When i create a network object (Object > Object Management > Network), am i supposed to use the 'FQDN' option and then enter the value '*.office.com'?
Do i also need to create a single object for each domain and then create a group and add them to it?
I hope that this makes sense.
Your help is appreciated.
Regards,
Angelo
03-15-2019 04:20 AM
Hi,
Check out this Cisco Live session (BRKSEC-2033), it's a dedicated session using Office 365 and Firepower. It also provides some python scripts.
HTH
03-15-2019 07:01 AM
You have to do couple of things to achieve what you want to achieve.
1) Obtain Office Subnets (Ip address range / subnet mask) from O365 team
2) Create Network Objects for each Subnet
3) Add all of them to a "Office_Networks" object.
4) Create a Global Trusted Policy (check Screenshot) and add Office Network Object
5) Add Office O365 as Trusted Application in 'Trusted Application' rule. (Check Screenshot).
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: