Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Google drive/docs/sites not opening

This thread has been viewed 1 times

  • 1.  Google drive/docs/sites not opening

    Posted Feb 08, 2013 05:10 AM
      |   view attached

    Hi,

     

    We only started this month to encourage our staff members and students to use google drive and google docs. We are facing a wierd issue. On guest role, the users are not able to browse to drive.google.com however they can browse to any other website without any issues. When I set the role to be authenticated then clients have no issues in accessing drive.google.com or docs.google.com but as I change it back to guest then it just sits there. It looks like there is something in firewall on controller which is blocking access. Site is happy when all trffic is allowed through controller firewall.

     

    For your reference I have attached "show rights guest" command output.

     

    Thanks

    Farzan

    Attachment(s)

    txt
    guest.txt   7 KB 1 version


  • 2.  RE: Google drive/docs/sites not opening

    EMPLOYEE
    Posted Feb 08, 2013 06:33 AM

    Why don't you choose a user and type "show datapath session table <ip address of user>" and see what traffic is denied when they try to open a google doc."?



  • 3.  RE: Google drive/docs/sites not opening

    Posted Feb 08, 2013 08:28 AM

    Some info:

    Google Drive and Google Sites are designed to work on uninhibited networks. But for domain and network administrators with specific firewalls or servers, the following must be accessible for Google Drive and Sites to function properly:

    For the following, [N] means any single decimal digit. * means any string not containing a period.

    Drive, Docs, Slides, and Drawings

    • http (port 80) connection to docs.google.com, docs[N].google.com and *.docs.google.com.
    • https (port 443) connection to docs.google.com and docs[N].google.com. The certificate protecting this connection has *.google.com as its subject.
    • https (port 443) connection to *.docs.google.com. The certificate protecting this connection has *.mail.google.com as its subject, but has *.docs.google.com as a subject alternative name.

    Sheets

    • http (port 80) connection to spreadsheet.google.com, spreadsheets.google.com, spreadsheets[N].google.com, and *.spreadsheets.google.com.
    • https (port 443) connection to spreadsheet.google.com, spreadsheets.google.com and spreadsheets[N].google.com. The certificate protecting these connections has *.google.com as its subject.

    Sites

    • http (port 80) connection to sites.google.com.
    • https (port 443) connection to sites.google.com. The certificate protecting this connection has *.google.com as its subject.
    • https (port 443) connection to *.sites.google.com. The certificate protecting this connection has *.mail.google.com as its subject, but has *.sites.google.com as a subject alternative name.

    Drive, Docs, Sheets, and Slides

    • https (port 443) connection to ssl.gstatic.com. The certificate protecting this connection has ssl.gstatic.com as its subject.
    • https (port 443) connection to www.google.com. The certificate protecting this connection has *.google.com as its subject.
    • https (port 443) connection to *.googleusercontent.com. The certificate protecting this connection has *.googleusercontent.com as its subject.
    • https (port 443) connection to gg.google.com. The certificate protecting this connection has *.google.com as its subject.
    • https (port 443) connection to *.googleapis.com. The certificate protecting this connection has *.googleapis.com as its subject.

    The IP addresses that the various domain names resolve to cannot be assumed to fall inside any given address range. IP addresses used by Google Drive may be used by other Google properties. The techniques that Google Drive uses to connect to Google servers depend on the browser, browser version, and networking conditions, among other things. Even if activity to some of the addresses above is not observed in a particular Google product, that doesn’t mean it never will be.



  • 4.  RE: Google drive/docs/sites not opening

    Posted Feb 08, 2013 08:30 AM

    More ports info (even due i dont see any deny in your txt file that u sent):

    Google Drive for your PC/Mac

    • www.google.com:443/HTTPS
    • accounts.google.com:443/HTTPS
    • clients3.google.com:443/HTTPS
    • talk.google.com:5222/XMPP
    • drive.google.com:443/HTTPS
    • www.googleapis.com:443/HTTPS
    • ssl.gstatic.com:443/HTTPS
    • *.docs.google.com:443/HTTPS
    • *.drive.google.com:443/HTTPS
    • *.googleusercontent.com:443/HTTPS

    Google Drive on the web

    • s.ytimg.com:443/HTTPS
    • video.google.com:443/HTTPS
    • lh3.google.com:443/HTTPS
    • lh4.google.com:443/HTTPS
    • lh5.google.com:443/HTTPS
    • lh6.google.com:443/HTTPS