What service are you trying to use?'
Attempting to log into a managed gmail account w/ microsoft SSO integration (university email account).
What does not work?
It appears that part of the microsoft SSO flow has DNS records referring to trafficmanager.net. Login fails at the login.microsoftonline.com step.
Which rule you believe is causing this?
It appears that the rule for ||trafficmanager.net^ is causing microsoft login to fail.
AGH Logs
Details for the block:
In text form:
Response details Status Blocked by CNAME or IP DNS server 149.112.112.112:53 Served from cache Elapsed 0.43 ms Response code NOERROR Rule(s) ||trafficmanager.net^ ph00ot0 blocklist Response A: 0.0.0.0 (ttl=10) Original response CNAME: login.mso.msidentity.com. (ttl=160) CNAME: ak.privatelink.msidentity.com. (ttl=160) CNAME: www.tm.ak.prd.aadg.trafficmanager.net. (ttl=160) A: 20.190.190.130 (ttl=160) A: 40.126.62.129 (ttl=160) A: 20.190.190.196 (ttl=160) A: 40.126.62.131 (ttl=160) A: 40.126.62.130 (ttl=160) A: 20.190.190.193 (ttl=160) A: 20.190.190.132 (ttl=160) A: 20.190.190.129 (ttl=160)
After manually adding an override rule for login.microsoftonline.com, login works again.
Added rule: @@||login.microsoftonline.com^$importantthrough adguard's gui.
See DNS queries, first is before adding override rule, second is after
Tool used (pick one):
What service are you trying to use?' Attempting to log into a managed gmail account w/ microsoft SSO integration (university email account).
What does not work? It appears that part of the microsoft SSO flow has DNS records referring to trafficmanager.net. Login fails at the login.microsoftonline.com step.
Which rule you believe is causing this? It appears that the rule for
||trafficmanager.net^
is causing microsoft login to fail.AGH Logs
Details for the block:
In text form:
Response details Status Blocked by CNAME or IP DNS server 149.112.112.112:53 Served from cache Elapsed 0.43 ms Response code NOERROR Rule(s) ||trafficmanager.net^ ph00ot0 blocklist Response A: 0.0.0.0 (ttl=10) Original response CNAME: login.mso.msidentity.com. (ttl=160) CNAME: ak.privatelink.msidentity.com. (ttl=160) CNAME: www.tm.ak.prd.aadg.trafficmanager.net. (ttl=160) A: 20.190.190.130 (ttl=160) A: 40.126.62.129 (ttl=160) A: 20.190.190.196 (ttl=160) A: 40.126.62.131 (ttl=160) A: 40.126.62.130 (ttl=160) A: 20.190.190.193 (ttl=160) A: 20.190.190.132 (ttl=160) A: 20.190.190.129 (ttl=160)
After manually adding an override rule for login.microsoftonline.com, login works again. Added rule:
@@||login.microsoftonline.com^$important
through adguard's gui.See DNS queries, first is before adding override rule, second is after