Web Security Service intercepts Office 365 e-mail traffic on port 443 even with SSL disabled

Article Id: 168845

Status: Published

Updated On: 06-04-2018 11:44

Legacy Id: TECH245578

Products:

Web Security Service - WSS

Issue/Introduction:

The unexpected SSL interception behavior only occurs with the following condition.

Transparent deployment (Firewall/VPN and Unified agent)
Trying to connect to Outlook 365

[Note]
Normal HTTPS access, such as https://www.bluecoat.com, is unaffected.

Cause:

This is expected behavior from the Web Security Service.

The client accesses autodiscover.XXXXX.onmicrosoft.com when attempting to connect to Outlook 365.
However, autodiscover.XXXXX.onmicrosoft.com on port 443 does not exist.
The WSS intercepts this SSL traffic, which causes the error: tcp_error (I couldn’t reach autodiscover.XXXXX.onmicrosoft.com:443).

Resolution:

Workaround

Add autodiscover.XXXXX.onmicrosoft.com to the Threat Protection bypass list.
Disable Auto Discover function from Microsoft site: https://support.microsoft.com/en-us/kb/2212902.