On Office 365 and Proxy Servers

So I was deploying an Exchange hybrid for one of our customers and had a unique experience with their Proxy Server.

In previous blogs, my colleagues and I have basically said that all connections should not be passing through a Proxy Server. If you absolutely have to use a Proxy Server then it should be configured to whitelist the URLs from Microsoft’s own documentation about the Datacentre IPs as well as removing all forms of pre-authentication.

When we do this for Exchange, there are generally three places that we have to configure this:

  1. Internet Explorer settings (IE > Tools > Internet Options > Connections)
  2. TCP/IP Stack settings (netsh winhttp set proxy)
  3. Exchange Server settings (Set-ExchangeServer -InternetWebProxy)

In this particular instance, I was configuring the Proxy URL bypass list for the Azure AD Connect server and discovered that there is a fourth way the proxy server can be set. This particular method is applicable to .NET applications and uses the machine.config file within the .NET Framework.

<system.net>
    <defaultProxy enabled="true" useDefaultCredentials="true">
    <proxy
        usesystemdefault="true"
        proxyaddress="http://proxyurl:port>"
        bypassonlocal="true"
    />
    <bypasslist>
        <add address="http://[a-z]+url\.com/" />
    </bypasslist>
    </defaultProxy>
</system.net>

When you restart the service or application then the proxy settings will take effect.

 

About the author