Azure AD Connect Port Communication Requirements

Question

Hello, I'm currently migrating a vCenter hosted VM from one datacenter to another and need to submit a firewall request for communication from the new datacenter.

I only see one rule going from the server in the current datacenter through the firewall on HTTPS/443 going to Microsoft's Azure Infrastructure.

However, I need specific URLs and/or IP Addresses for the firewall request because I can't submit using wildcards.

I've reviewed the links below for guidance, but I don't see specific URLs without wildcards.

Is there another link or information source I should review for Azure destinations?

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-whatis

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports

https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide

Thank you in advance. Your support is greatly appreciated!

Answer 1

Hello, please take a closer look to rule with ID 56 of Microsoft 365 Common and Office Online, there you will find plenty of specific URLs and IPs required for AD Connect. You can omit the others.

Please let me know if you need more help. If the answer was helpful to you, please accept it and, optionally, provide feedback so that other members in the community can benefit from it.

Answer 2

Hi Peter, see the link you provide above:

Those point to:

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports

and

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/tshoot-connect-connectivity#connectivity-issues-in-the-installation-wizard