Allow access to Microsoft 365 via NSG service tags to virtual machines.

Rahamim Levi 156 Reputation points
2023-10-11T10:48:47.8766667+00:00

Hi all,

Is there a way to limit virtual machines http traffic to Microsoft services only (SharePoint, Exchange, etc...) via NSG?

We don't want to open http to any traffic.

Thanks, Rahamim.

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,773 questions
{count} votes

1 answer

Sort by: Most helpful
  1. KapilAnanth-MSFT 49,611 Reputation points Microsoft Employee Moderator
    2023-10-12T06:48:05.2233333+00:00

    @Rahamim Levi

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you would like to know if we can only allow access to Microsoft services using NSG.

    Currently, this won't be feasible using NSG.

    We do not have an explicit Service Tag that we can use in an NSG for Office365 services currently.

    However, you can do this by using an Azure Firewall.

    You can find a list of Office 365 URLs and IP address ranges here.

    You must configure the Azure Firewall to only allow the above URLs and IP address ranges.

    These below documents may come in handy:

    Hope this helps.

    Please let me know should you require more information.

    Cheers,

    Kapil

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.