KB N°12: The Olfeo SaaS service is inaccessible behind a Stormshield firewall

Published December 19, 2023Modified on March 28, 2024

You've installed the Station Agent on one of your workstations, and it seems to launch correctly, but access to the filtering service is obviously not successful. Your network is protected by a Stormshield firewall and has IPS functionality.

Context

By default, Stormshield firewalls, and particularly the IPS blade, block connection attempts to Olfeo SaaS, considering it a risk of Internet evasion.

Prerequisites

Set up an override rule on the Stormshield firewall.

Note

It may be necessary to make a similar modification on other Firewalls with IPS functionality.

Procedure

We recommend that you create an override rule before integration to authorize flows to the domains required for Olfeo SaaS toavoid IPS blocking.

In the same vein, remember to open the public destinations required for user authentication on your IDP.

Tags: Problem solving, RP-01, operate, get started