Specify sites not managed by the hybrid service
Use the page to review, add, or edit information about target sites to which you want to grant clients unrestricted access. Clients can access these sites directly, without sending the request to either the hybrid service or an on-premises explicit proxy in a filtered location, if used. Typical unfiltered destinations include organizational web-mail sites, internal IP addresses, and Microsoft update sites.
As a best practice, add your organization’s web-mail address as an unfiltered destination. This ensures that:
- You can access messages from Technical Support in situations that cause your proxy or the hybrid service to block all requests.
- Off-site users who have forgotten (or not created) their hybrid service password can retrieve it via email.
Destinations listed here are added to the Proxy Auto-Configuration (PAC) file that defines how users’ browsers connect to the hybrid service (see Configure user access to the hybrid service). By default, the PAC file excludes all non-routable and multicast IP address ranges from policy enforcement. Therefore, if you are using private IP address ranges defined in RFC 1918 or RFC 3330, you need not enter them here.
Each unfiltered destination that you define appears in a table that combines a name and description with technical configuration details, including how the destination is defined (as an IP address, domain, or subnet), and the actual IP address, domain, or subnet that users can access directly.
- To edit an existing entry, click the location Name, and then see Adding or editing hybrid service unfiltered destinations.
- To define a new location, click Add, and then see Adding or editing hybrid service unfiltered destinations.
- To remove an unfiltered destination, mark the check box next to the destination name, and then click Delete.
If you have added or edited an unfiltered destination entry, click OK to cache your changes. Changes are not implemented until you click Save and Deploy.