This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 82%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Hello, I'm currently migrating a vCenter hosted VM from one datacenter to another and need to submit a firewall request for communication from the new datacenter.
I only see one rule going from the server in the current datacenter through the firewall on HTTPS/443 going to Microsoft's Azure Infrastructure.
However, I need specific URLs and/or IP Addresses for the firewall request because I can't submit using wildcards.
I've reviewed the links below for guidance, but I don't see specific URLs without wildcards.
Is there another link or information source I should review for Azure destinations?
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-whatis
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports
Thank you in advance. Your support is greatly appreciated!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 67%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Hi @JC34209324 ,
Thanks for visiting our forum. According to your description above, your issue seems to be more related to Azure. So we would move the irrelevant tags, and hope your issue can be resolved soon.
Hello, please take a closer look to rule with ID 56 of Microsoft 365 Common and Office Online, there you will find plenty of specific URLs and IPs required for AD Connect. You can omit the others.
Please let me know if you need more help. If the answer was helpful to you, please accept it and, optionally, provide feedback so that other members in the community can benefit from it.
anonymous user-msft Based on ID 56 for "Allow Required", can I omit the two items below?
*.msftidentity.com
*.msidentity.com
Will the URLs and IPs communicating on port 443 allow connectivity to the Azure Infrastructure moving forward? Is communication on port 80 absolutely necessary or can it also be omitted?
account.activedirectory.windowsazure.com
accounts.accesscontrol.windows.net
adminwebservice.microsoftonline.com
api.passwordreset.microsoftonline.com
autologon.microsoftazuread-sso.com
becws.microsoftonline.com
clientconfig.microsoftonline-p.net
companymanager.microsoftonline.com
device.login.microsoftonline.com
graph.microsoft.com
graph.windows.net
login.microsoft.com
login.microsoftonline.com
login.microsoftonline-p.com
login.windows.net
logincert.microsoftonline.com
loginex.microsoftonline.com
login-us.microsoftonline.com
nexus.microsoftonline-p.com
passwordreset.microsoftonline.com
provisioningapi.microsoftonline.com
20.190.128.0/18
40.126.0.0/18
Thank you!
anonymous user-msft I will test these and reply to you soon. Thanks for the input!
Great. Anytime!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 38%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Where is it documented that AD Connect relates to ID 56 and only ID 56?
Hello @JONSSON Patrick , please take a look to Azure AD Connect Connectivity for up-to-date information.
Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it and complete the quality survey so that others in the community with similar questions can more easily find a rated solution
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 39%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
in the URL referenced I cannot find any specific mentioning of AD Connect.
Hi Peter, see the link you provide above:
Those point to:
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports
and