Turns out it was our L7 firewall Country Blocking policy. Some Outlook-related hostnames (like outlook.ha.office365.com) were being resolved to IPs in countries that we block. Of course there is NEVER anything in the Meraki logs when a country block rule is hit, so we were flying blind. Although I think if you use syslog you can see something, is that right? Also, I thought white-listing a client source IP meant that IP is exempt from all firewall rules, both Layer 3 and Layer 7 (applies to both the MX Security Appliance and the MR Access Points).