Azure AD Connect Port Communication Requirements

JC34209324 51 Reputation points
2020-12-08T23:09:53.247+00:00

Hello, I'm currently migrating a vCenter hosted VM from one datacenter to another and need to submit a firewall request for communication from the new datacenter.

I only see one rule going from the server in the current datacenter through the firewall on HTTPS/443 going to Microsoft's Azure Infrastructure.

However, I need specific URLs and/or IP Addresses for the firewall request because I can't submit using wildcards.

I've reviewed the links below for guidance, but I don't see specific URLs without wildcards.

Is there another link or information source I should review for Azure destinations?

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-whatis

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports

https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide

Thank you in advance. Your support is greatly appreciated!

Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator
    2020-12-09T19:16:03.217+00:00

    Hello, please take a closer look at the rule with ID 56 of Microsoft 365 Common and Office Online; there you will find plenty of specific URLs and IPs required for AD Connect. You can omit the others.

    Please let me know if you need more help. If the answer was helpful to you, please accept it and, optionally, provide feedback so that other members in the community can benefit from it.

    1 person found this answer helpful.

  2. Andy David - MVP 157.7K Reputation points MVP Volunteer Moderator
    2023-03-22T11:48:55.37+00:00
    1 person found this answer helpful.
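Added example (not part of the original thread or of any Microsoft tooling): one way to turn the rule ID 56 entry referenced in the first answer into firewall-request rows, separating concrete FQDNs and IP ranges from wildcard entries that a no-wildcard process will reject. It assumes the endpoint list has been exported as JSON with `id`, `urls`, `ips` and `tcpPorts` fields; the function name is hypothetical, and the hostnames and ranges in the sample are constructed placeholders, not Microsoft's real values.

```python
import ipaddress
import json

# Constructed sample in the assumed JSON layout of an exported endpoint list.
# Hostnames and ranges are placeholders, not the real contents of rule 56.
SAMPLE_ENDPOINTS = json.loads("""
[
  {"id": 56,
   "urls": ["*.auth.example.com", "login.example.com", "sync.example.net"],
   "ips": ["192.0.2.0/24", "2001:db8::/32"],
   "tcpPorts": "80,443"},
  {"id": 59,
   "urls": ["*.other.example.org"],
   "ips": ["198.51.100.0/24"],
   "tcpPorts": "443"}
]
""")


def firewall_request(endpoints, rule_id):
    """Collect one rule's destinations, split by what a firewall team can accept."""
    rows = {"fqdns": [], "wildcards": [], "ipv4": [], "ipv6": [], "tcp_ports": []}
    for entry in endpoints:
        if entry.get("id") != rule_id:
            continue
        for url in entry.get("urls", []):
            # Wildcards cannot be submitted as-is; keep them visible for follow-up
            # (IP-range rule or proxy-based allow-listing) instead of dropping them.
            rows["wildcards" if "*" in url else "fqdns"].append(url.lower())
        for cidr in entry.get("ips", []):
            # strict=True raises ValueError on malformed ranges or set host bits.
            net = ipaddress.ip_network(cidr, strict=True)
            rows["ipv4" if net.version == 4 else "ipv6"].append(str(net))
        ports = entry.get("tcpPorts", "")
        rows["tcp_ports"] += [int(p) for p in ports.split(",") if p.strip()]
    # De-duplicate and sort so repeated exports diff cleanly in change requests.
    return {key: sorted(set(values)) for key, values in rows.items()}


if __name__ == "__main__":
    for kind, values in firewall_request(SAMPLE_ENDPOINTS, 56).items():
        print(f"{kind}: {values}")
```

The `wildcards` bucket is the part to review by hand: those destinations are only reachable under a no-wildcard policy through the rule's published IP ranges.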
