We are on Cherwell Version 9.3.2 but had this issue with 8.3.2 as well.We have a hosted instance of Cherwell setup with an office365 (also hosted) Exchange account. We are able to setup the Exchange email account in the Cherwell Admin tool and test it without issue. We are also able to select it as the default account to monitor, but we are unable to set the "Exchange-specific settings" from our corporate network to route email to our processed or failed folder (select from drop-down next to "Move to folder:") without getting an "Unable to connect to the remote server" error. We are, however, able to set the folders from a regular internet connection (off the corporate network).
The error states "No connection could be made because the target machine actively refused it" followed by a random IP address that always traces back to Microsoft.net and :443. We monitored traffic on port 443 as I tried to set the folders and it's showing my local device IP (Not the Cherwell hosted IP) is trying to communicate with office365 directly through port 443 by-passing proxy. Is there a way to make Cherwell proxy aware when communicating through port 443?
We have allow rules for our Prod and Test hosted IPs to be able to communicate through port 8001, we didn't need the rule on 443 as we have open internet traffic. The issue with this specific function is that we would need to allow all user IPs to communicate through 443 bypassing proxy - and that won't get approved for obvious security reasons. We could also setup our Cherwell admins with static IPs and open up traffic to their IPs through 443 but that also would not get approved. Our network team tells us there must be a way to make Cherwell proxy aware - but I haven't found any options in our Admin console - perhaps device registry change?
Has anyone else run into this issue, and is there a way to resolve it? The workaround is fairly simple, but still an inconvenience.