Integration runtime whitelisting IP for SFTP connection

Wessel Van Erp 1 Reputation point


For a customer I'm currently working on a project where we periodically want toload data from an SFTP server with the use of Data Factory. I can't, however, get it to work. Everytime I'm trying to make a connection using the AutoResolveIntegrationRuntime, I get the message:
SocketErrorCode: 'TimedOut'. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

I think the problem is on our side. I'm able to connect to the SFTP server using Filezilla and using a locally installed IR I was able to make to connection in Data Factory. Hence, it seems that the SFTP server is blocking Azure somehow.

We have whitelisted the IP adresses stated on: Since our Data Factory is hosted in Western Europe, I assume that I have to whitelist the IP adresses for that part of the world:,,

Below a link to a screenshot of the configuration of the SFTP server (I can't upload it here somehow):

Can anybody tell what I'm doing wrong?

Thank you in advance for helping me out.

Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
7,177 questions
{count} votes

1 answer

Sort by: Most helpful
  1. KranthiPakala-MSFT 39,012 Reputation points Microsoft Employee

    Hi @Wessel Van Erp ,

    If you choose to use the auto-resolve Azure IR for both Source and Sink , which is the default,

    For copy activity, ADF will make a best effort to automatically detect your sink data store's location, then use the IR in either the same region if available or the closest one in the same geography; if the sink data store's region is not detectable, IR in the data factory region as alternative is used.

    For example, you have your factory created in East US,

    When copy data to Azure Blob in West US, if ADF successfully detected that the Blob is in West US, copy activity is executed on IR in West US; if the region detection fails, copy activity is executed on IR in East US.
    When copy data to Salesforce of which the region is not detectable, copy activity is executed on IR in East US.

    For more clarification please refer to this doc : Integration runtime location

    In case if your sink is also using Azure IR, I would recommend you to please try white-listing Sink data store region IP range, else try white-listing all the Azure IR Ip range
    mentioned in the document. (Azure Integration Runtime IP addresses)

    Hope this helps.


    Thank you

    Please do consider to click on "Accept Answer" and "Upvote" on the post that helps you, as it can be beneficial to other community members.