Cisco Firepower & Microsoft Azure AD Connect

Антон Мошковский 21 Reputation points
2021-09-07T08:27:11.75+00:00

Good afternoon. We are faced with the problem that Cisco Firepower does not support wildcards in URLs. What IPs or full URLs need to be opened on the firewall to work with Microsoft 365 (Azure AD Connect)?


2 answers

  1. Danny Zollner 10,801 Reputation points Microsoft Employee Moderator
    2021-09-09T16:06:26.45+00:00

    https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports#table-2---azure-ad-connect-and-azure-ad

    That link brings you to a page that then links to this:

    https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide

    Inside of that page, I believe that you need sections 56 and 59 of the "Microsoft 365 Common and Office Online" section. As you cannot do the wildcarded URLs that are recommended, instead add the IP ranges in those sections.

    1 person found this answer helpful.
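An added example, not part of the answer above or of any Microsoft or Cisco tooling: one way to turn the endpoint sets the answer names (IDs 56 and 59) into a firewall allowlist, separating wildcard URLs from exact FQDNs and collapsing the IP ranges. It assumes a local copy of the Microsoft 365 endpoints list in JSON form with `id`, `urls`, `ips` and `tcpPorts` fields; the hostnames and ranges in the sample are constructed placeholders, not real Microsoft values.

```python
import ipaddress
import json

# Constructed sample in the assumed shape of the Microsoft 365 endpoints JSON.
# Hostnames and ranges are documentation placeholders, not real endpoints.
SAMPLE = json.loads("""
[
  {"id": 56, "serviceArea": "Common",
   "urls": ["*.auth.example.com", "login.example.com"],
   "ips": ["192.0.2.0/25", "192.0.2.128/25", "2001:db8:56::/48"],
   "tcpPorts": "80,443"},
  {"id": 59, "serviceArea": "Common",
   "urls": ["*.sync.example.net"],
   "ips": ["198.51.100.0/24", "192.0.2.0/25"],
   "tcpPorts": "80,443"},
  {"id": 64, "serviceArea": "Common",
   "urls": ["*.other.example.org"],
   "ips": ["203.0.113.0/24"],
   "tcpPorts": "443"}
]
""")


def build_allowlist(endpoint_sets, wanted_ids):
    """Collect FQDNs, wildcard URLs, collapsed IP ranges and TCP ports
    for the requested endpoint-set IDs only."""
    fqdns, wildcards, ports = set(), set(), set()
    nets = {4: [], 6: []}  # collapse_addresses() cannot mix IP versions
    for entry in endpoint_sets:
        if entry.get("id") not in wanted_ids:
            continue
        for url in entry.get("urls", []):
            (wildcards if "*" in url else fqdns).add(url.lower())
        for cidr in entry.get("ips", []):
            # strict=True raises ValueError on a range with host bits set
            net = ipaddress.ip_network(cidr, strict=True)
            nets[net.version].append(net)
        ports.update(int(p) for p in entry.get("tcpPorts", "").split(",") if p.strip())
    return {
        "fqdns": sorted(fqdns),          # usable as exact URL objects
        "wildcards": sorted(wildcards),  # must be covered by the IP ranges
        "ipv4": [str(n) for n in ipaddress.collapse_addresses(nets[4])],
        "ipv6": [str(n) for n in ipaddress.collapse_addresses(nets[6])],
        "tcp_ports": sorted(ports),
    }
```

Calling `build_allowlist(SAMPLE, {56, 59})` returns a dictionary whose `ipv4` and `ipv6` lists can be entered as network objects; the published list changes over time, so the output needs regenerating whenever the source file is refreshed.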

  2. Augusto Souza Nunes 0 Reputation points
    2025-02-18T20:30:38.8266667+00:00

    Hello Антон,

    Cisco Firepower wildcard for URLs does not need any string.
    Example: for *.microsoft.com you would do only microsoft.com; it allows any subdomain that matches the primary domain URL.
