Recently configured Azure AD for an Office365 client, using the same local/internal domain as their external website (i.e., we are using "domain.com" as the Azure AD/Office365 domain, and also using "domain.com" for the website).
Client's local network is connected (site-to-site) via a SonicWall tz300.
When I set the SonicWall to use Azure DNS servers, everything worked as expected except the issue below. For example, I can ping, I can RDP, file shares are properly available, everything resolves over DNS without any issues, etc.
From any machine (a VM on Azure, or a local PC over VPN) the website "domain.com" and/or "www.domain.com" no longer loaded. I quickly discovered this is because we're using the Azure DNS servers, so I added an A record for "www" that points to the external website's IP.
This allowed me to successfully access "www.domain.com" and bring up the external website when I browse from an Azure VM without any issue.
The outstanding issue is this: Attempting to access "www.domain.com" from a local PC connected via site-to-site through the SonicWall leads to the following error:
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Note, pinging "www.domain.com" from either a working Azure VM or a local machine that receives this error resolves to the appropriate IP address of the website.
I can't even begin to understand how this is happening and would greatly appreciate any insight. Thanks in advance!
403 is a permission issue. Maybe you could refer to this link*.conf
.time out
not 403