Covid19: VPN optimisation for Nexus365

If you’re not using the central University VPN for your Nexus365 users you may be concerned about the load on your VPN from self-isolating remote workers.

VPN server load can be drastically reduced by ensuring that Nexus365 traffic is NOT routed over your VPN connection and is instead sent directly to the cloud service. To do this requires global routing to be disabled in the VPN’s configuration, limiting the traffic routed through the VPN’s tunnel to internal-only content. In Cisco’s VPN client this may be as simple as ticking a box.

To allow VPN-server-side direct internet routing for Nexus365 only, Microsoft provide a Powershell script which can be used to identify the current IP ranges used by their services and another for URL/IP/Port information. Microsoft’s suggestion is that you use their API which queries Microsoft Service Endpoints, which can also be queried via script.

By making this configuration change you can ensure that even with a significantly higher number of remote workers, the amount of traffic using your connection is limited to essential-only.

Posted in Uncategorized | Leave a comment

Leave a Reply