We just experienced a Meraki network-wide outage (over 200 sites) this morning where users were unable to get to outlook.office365.com and outlook.office.com. All sites are configured to route to the internet directly out of their local ISP via an MX firewall.
Did anyone else experience this? It lasted at least 2-3 hours.
It just resolved by itself without any changes made to any configuration.
During the troubleshooting, as a test, I set one network to have a default route via the site-2-site VPN at our hub site (which then routes to the internet via an FTD), with that configuration, the user was able to get to office365.
What could have happened? Anyone know?
Solved! Go to solution.
Turns out it was our L7 firewall Country Blocking policy. Some outlook-related hostnames (like outlook.ha.office365.com) were being resolved to IPs in countries that we block. Of course there is NEVER anything in the Meraki logs when a country block rule is hit, so we were flying blind. Although I think if you use syslog you can see something, is that right?
Also, I thought white-listing a client source IP meant that IP;
Do you have any L7 rule or content filtering configured?
Yes, but I removed all content filtering categories and white-listed my test IP on the dashboard, but the issue remained.
Did you check Microsoft's Service Health Status during the issue? I use Office365 and My network is Meraki and I haven't noticed any problems.
Turns out it was our L7 firewall Country Blocking policy. Some outlook-related hostnames (like outlook.ha.office365.com) were being resolved to IPs in countries that we block. Of course there is NEVER anything in the Meraki logs when a country block rule is hit, so we were flying blind. Although I think if you use syslog you can see something, is that right?
Also, I thought white-listing a client source IP meant that IP;