Hi all,
Using IAP 305/315 on OS 6.5.4.8 and I have a conundrum on allowing email access on our guest wifi. I'm assuming I'm jus being dumb
As per advise on setup I've got the following allowed on our guest network:
http to all
https to all
dhcp to all
dns to all
smtp to all
I was told that'd give me internet and email across the wifi and for the most part it does. Everyone's phones that have connected seem to just sync and update their existing exchange accounts or gmail accounts etc and I've done a number of tests back and forth with my own exchange/gmail/hotmail accounts on personal and work phones.
However one user is claiming that he can't connect to any of his accounts. For one he's apparently having to put port specific settings in his phone (which I haven't seen needed in a long time) and so he's specifying any of either ports 993, 995 and 465. These are apparently all failing
I went and looked through the allow list on network services and I can see pop3 but no imap. And if I change from network to application i can see pop3/s and imap/s. I can also see in application category the mail-protocols and webmail settings (which i actually saw recommended as a fix for this in another thread here)
So basically what I've done is added allow to all destinations on
app category mail-protocols
app category webmail
application imap
application imaps
application pop3
application pop3s
application smtp
application smtps
This still doesn't let this work at all. I've also tested trying to add my gmail account to outlook via manually setting the imap/smtp ports and it fails to connect.
What else is there? Is it instead a case of adding the specific ports instead of adding all those application categories etc? If so is this as simple as adding the TCP ports as a custom network entry?
I don't know how to trace any of this traffic through the IAP to see if it is actually the IAP that's blocking this or not but this is too simple a problem to have kept me busy for nearly a day!