What is the subnet for *.msftauth.net and *.msftauth.net ?

Question

The application under test has multi factor authentication enabled. This functionality is working as expected.

We have recently created a virtual machine which will be used for running load tests. When we open the application from this VM in particular, we see that it times out (net::ERR_CONNECTION_TIMED_OUT) at the authentication stage as the VM cannot reach https://aadcdn.msftauth.net and https://aadcdn.msftauth.net.

Our network team has asked to raise a firewall request and include the subnet values for aadcdn.msftauth.net and aadcdn.msftauth.net. May I know the subnet values are, please?

Answer 1

@Kar, Chirajeet ,

To allow these domain names, you are required to add them to the Application Rules in the firewall.

As documented for Azure Portal authentication safelisting:

login.microsoftonline.com
*.aadcdn.msftauth.net
*.aadcdn.msftauthimages.net
*.aadcdn.msauthimages.net
*.logincdn.msftauth.net
login.live.com
*.msauth.net
*.aadcdn.microsoftonline-p.com
*.microsoftonline-p.com

See also: https://learn.microsoft.com/en-us/azure/firewall/policy-rule-sets

If the information helped you, please Accept the answer. This will help us and improve searchability for others in the community who may be researching similar questions.