This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 8%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
When I try to run my Azure Function through Code + Test -> Test/Run functionality in the Azure Portal, I'm getting the following error message:
"You must have direct network access in order to run your function. Your app may be restricted with Private Endpoints, Access Restrictions or Service Endpoints."
The function app has got a Vnet Integration enabled with 'Microsoft.Storage' service endpoint enabled on the subnet so it deploys ok from the storage account.
It also has a few rules on the Access Restrictions list. Within these rules, I've got my external IP whitelisted. As far as I remember, I needed this rule to be able to test the function through the Azure Portal (Test/Run). Now, I'm getting this error.
I had a look into the "Diagnose and solve problems" section and can see the requests for Test/Run are coming not from my public IP but 52.143.137.144 . As soon as I whitelist this IP address I'm able to run the test. This IP address falls into a range 52.143.128.0/18 published here (francec).
Has anything changed recently that could be causing the above issue?
How can I run a test from the Azure Portal with Access Restriction enabled?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 18%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
I've been looking for the IP ranges that Azure uses for Test/Run and haven't been able to find them. I'm also running into this issue and didn't see anything when looked into "Diagnose and solve problems".
Does anyone know what they are? Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 54%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
Me too... Does anyone know how to find the IP ranges that Azure uses for Test/Run?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 87%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
This StackOverflow post has a workable solution for this problem:https://stackoverflow.com/questions/67711131/how-to-configure-azure-function-access-restrictions-to-allow-for-testing-via-por
it means that Test/Run button sends test request from server side (Azure) - at least it would explain why request comes not from your IP address but from Azure (if it would send request from client side - request would come from your IP address). So your workaround with adding Azure IP to white list looks correct