I have the below queries regarding achieving local internet breakout for O365 traffic via SD-WAN using DPI
My understanding of this is as below.
1) SD-WAN should have default route to Internet (VPN0)
2) NAT should be enabled.
3) DPI should be enabled for O365 application.
1) Proxy PAC: My host PC will be configured with a PAC file. Intranet websites will be allowed direct access, O365 will also be configured for direct access (local breakout), and the rest of the Internet will go via my existing proxy server.
2) DNS: When the user tries to connect to www.office365.com from their PC, first it has to be resolved by my internal DNS server. The internal DNS server cannot resolve it by itself, so it is configured to resolve via an external DNS, like split DNS.
This resolves the www.office365.com URL and sends the reply to the client PC.
Now the client PC will try to connect to www.office365.com using the DNS reply.
The default route from the SD-WAN device will take it out via VPN0.
Let me know if my above understanding is right. Also let me know how enabling DPI helps here.
Also let me know whether it is OK to use only internal DNS servers, with no external DNS servers for resolution.
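As an added example (not part of the original post), the PAC split described above written out as a proxy auto-config script: intranet hosts and O365 hosts go DIRECT, everything else goes through the existing proxy. The intranet zone `corp.example` and the proxy `proxy.corp.example:8080` are placeholders, and the O365 list holds only the domain named in the post; a real file would carry Microsoft's published endpoint list. The domain match is anchored so that lookalike names cannot slip past the proxy.

```javascript
// PAC logic for the split in the post: intranet DIRECT, O365 DIRECT
// (local breakout), everything else via the existing proxy.
// Hosts and ports below are constructed placeholders.
var INTRANET_DOMAINS = ["corp.example"];          // placeholder internal zone
var O365_DOMAINS = ["office365.com"];             // domain from the post only;
                                                   // extend from Microsoft's endpoint list
var PROXY = "PROXY proxy.corp.example:8080";      // placeholder existing proxy

// True when host equals domain or is a subdomain of it. The match is anchored
// at a dot, so "office365.com.attacker.example" and "notoffice365.com" do
// NOT match and are not allowed to bypass the proxy.
function hostInDomain(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase();
  if (host === domain) return true;
  var suffix = "." + domain;
  return host.length > suffix.length &&
         host.indexOf(suffix, host.length - suffix.length) !== -1;
}

function hostInAny(host, domains) {
  for (var i = 0; i < domains.length; i++) {
    if (hostInDomain(host, domains[i])) return true;
  }
  return false;
}

// Entry point the browser's PAC engine calls for every request.
function FindProxyForURL(url, host) {
  // Unqualified short names (no dot) only exist on the intranet.
  if (host.indexOf(".") === -1) return "DIRECT";
  if (hostInAny(host, INTRANET_DOMAINS)) return "DIRECT";
  // O365 bypasses the proxy; the SD-WAN default route (and DPI-based
  // application steering) then sends the flow out of the local link.
  if (hostInAny(host, O365_DOMAINS)) return "DIRECT";
  // No "; DIRECT" fallback here: if the proxy is down, general Internet
  // traffic fails closed instead of silently bypassing inspection.
  return PROXY;
}
```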