Nintex forms on O365 not loading

Maggs
Here to help

Nintex forms on O365 not loading

Starting today Nintex forms on Office365 will not load when the client is behind an MX.  We see this effect in multiple offices spread out across the USA using different ISPs.  Forms load normally when a client bypasses the MX and connects directly to the ISP.  DNS resolution does not seem to be an issue.  No blocking events are logged.  Temporarily disabling threat protection does not have an effect.  No recent firmware updates.  A packet capture on an MX shows reset packets instead of syn-ack's from the remote Nintex ip.  Any ideas or other people seeing the same issue? 

4 REPLIES 4
MerakiDave
Meraki Employee
Meraki Employee

First I've heard of this issue, good idea checking here with the Community, and I'd also suggest getting a support case open in parallel if you have not already, since Meraki Support will be able to quickly cross reference with other customers having the same issue.  Sounds like you've already done the basic troubleshooting steps, including temporarily disabling IPS and AMP and have been checking the logs and running packet captures, and ruled out an ISP issue since it's consistent across multiple providers.  Sounds like the next step is letting Support also dig into why you're getting connection reset packets from the remote IP. 

Thanks MerakiDave.  We opened a support case yesterday.  I had an update drafted and never hit Post, sorry.

 

In case this helps anyone else:  Meraki tech support helped us out.  Apparently the geo-IP service Meraki uses has this IP mapped to a country which we have blocked.  Other geo-IP services show the IP  in the US.  The mapping to the blocked country may be a mistake, and Meraki and we are requesting a correction.  Based on experience, the geo-IP service may take up to a week to remediate.  We confirmed removing the country block restores functionality.

 

Cheers-

PhilipDAth
Kind of a big deal
Kind of a big deal

Does the security event log report anything being blocked?

 

Try isolating the fault.  Try disabling AMP and IPS - does the issue still happen (if so, try enabling one at a time to see which one is causing the issue).

Sorry I missed this!  No, nothing showed in the event log.  We tried disabling AMP and IPS with no change.  Later Meraki support told us the ip we identified was marked by their Geo-ID provider as being in a country we block via MX.  We confirmed by removing the block for that country and seeing functionality resume.  Other Geo providers show the ip in the US and we all thought it was an error.  This particular provider took a week to revert the change and today we have functionality again, even with the country block.

 

Thanks for the help! 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels