Link Search Menu Expand Document

Microsoft Online Split Tunnel Configuration

Workflow #0003

Microsoft provides a JSON-formatted feed of their networks and domains for their various cloud services. This workflow demonstrates fetching that JSON, converting it into split-tunneling commands for Cisco ASA, and then executing those commands on an ASA.

Overview GitHub


Requirements


Workflow Steps

  1. Fetch the online services information JSON from Microsoft
  2. Use Python to parse the JSON into ASA commands
  3. SSH to an ASA and execute the commands

Configuration

  • Go to Microsoft’s website to get the URL for the worldwide endpoint JSON. Click the link on the second bullet to https://endpoints.office.com/endpoints/worldwide and copy the URL into the Microsoft Endpoints URL local variable in the workflow
  • (Optional) Change the name of the objects created by the workflow in the AnyConnect Exclude Domain Group Name and/or Network Object Group Name local variables
  • (Optional) Modify the commands generated in the Get and parse JSON from Microsoft and/or Execute commands on ASA activities

Targets

Target Name Type Details Account Keys Notes
(varies) Terminal Endpoint Configured for your ASA Account key for your ASA This target is provided to the workflow when you run it

Account Keys

Account Key Name Type Details Notes
(varies) Terminal Key-Based Credentials
OR
Terminal Password-Based Credentials
Depends on target type