Azure services URLs and IP addresses for firewall or proxy whitelisting

When you are working with Azure sometimes you have to whitelist specific IP address ranges or URLs in your corporate firewall or proxy to access all Azure services you are using or trying to use.

Some information like the datacenter IP ranges and some of the URLs are easy to find. Other things are more complicated to find like calling IP addresses of specific Azure services or specific URLs.

The list of Azure services specific URLs and IP addresses in this blog post is not complete and only a snapshot at the time of writing this post.

The post is divided into the following sections IP addresses, calling IP addresses and URLs.

I hope you find the summary useful and supportive for your day to day work with Azure.

IP addresses:

Datacenter IP ranges:

-> https://www.microsoft.com/en-us/download/details.aspx?id=41653

Azure CDN:

-> https://msdn.microsoft.com/library/mt757330.aspx

Calling IP addresses:

Logic App:

-> https://docs.microsoft.com/en-us/azure/app-service-logic/app-service-logic-limits-and-config#configuration

Traffic Manager:

Have a look at the section “What are the IP addresses from which the health checks originate?”.

-> https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-monitoring#faq

URLs:

PowerShell Get-AzureRmEnvironment / Azure main services URLs:

AzureEnvironment

NameValueValue 2
Active Directory Service Endpoint Resource Idhttps://management.core.windows.net/
Gallery Urlhttps://gallery.azure.com/
Management Portal Urlhttps://portal.azure.comhttps://manage.windowsazure.com
Service Management Urlhttps://management.core.windows.net/
Publish Settings File Urlhttps://manage.windowsazure.com/publishsettings/index
Resource Manager Urlhttps://management.azure.com/
Sql Database Dns Suffix.database.windows.net
Storage Endpoint Suffixcore.windows.net.blob.core.windows.net
.queue.core.windows.net
.table.core.windows.net
.file.core.windows.net
Active Directory Authorityhttps://login.microsoftonline.com/
Graph Urlhttps://graph.windows.net/
Graph Endpoint Resource Idhttps://graph.windows.net/
Traffic Manager Dns Suffixtrafficmanager.net
Azure Key Vault Dns Suffixvault.azure.net
Azure Data Lake Store File System Endpoint Suffixazuredatalakestore.net
Azure Data Lake Analytics Catalog And Job Endpoint Suffixazuredatalakeanalytics.net
Azure Key Vault Service Endpoint Resource Idhttps://vault.azure.net

Other Azure services URLs:

NameValueValue 2
Redis Cache.redis.cache.windows.net
App Service.azurewebsites.net
DocumentDBdocuments.azure.com
Azure Batchbatch.azure.com.{region}.batch.azure.com
Machine Learning Studiostudio.azureml.net
Machine Learning Galleryhttps://gallery.cortanaintelligence.com/
Machine Learning Web Service Managementservices.azureml.net
Service Bus.servicesbus.windows.net
Event Hubs.servicesbus.windows.net
Azure IoT Hub.azure-devices.net
API Management.azure-api.net
Azure Automation.azure-automation.net
Azure Automation Webhookshttps://s2events.azure-automation.net
Public IP, Azure LB, Web Application Gateway, Service Fabric, Azure Container Servicecloudapp.azure.com.{region}.cloudapp.azure.com
Azure Search.search.windows.net
Azure Analysis Servicesasazure.windows.net.{region}.asazure.windows.net
Logic Applogic.azure.com.{region}.logic.azure.com
CDN.azureedge.net
HDInsight.azurehdinsight.net

Azure Site Recovery:

-> https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-best-practices#url-access

Azure Backup:

-> https://docs.microsoft.com/en-us/azure/backup/backup-azure-backup-faq#what-firewall-rules-should-be-configured-for-azure-backup-br

Azure Log Analytics (OMS):

-> https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-proxy-firewall#configure-proxy-and-firewall-settings-with-the-microsoft-monitoring-agent

StorSimple:

-> https://docs.microsoft.com/en-us/azure/storsimple/storsimple-system-requirements#networking-requirements-for-your-storsimple-device

Data Factory – Data Management Gateway:

Have a look at “Ports and firewall” under the section “Installation”.

-> https://docs.microsoft.com/en-us/azure/data-factory/data-factory-data-management-gateway#installation

Azure MFA Server:

-> https://docs.microsoft.com/en-us/azure/multi-factor-authentication/multi-factor-authentication-get-started-server#install-and-configure-the-azure-multi-factor-authentication-server

Azure Automation Hybrid Runbook Worker:

-> https://docs.microsoft.com/en-us/azure/automation/automation-hybrid-runbook-worker#hybrid-runbook-worker-requirements

Azure KMS server:

-> https://blogs.technet.microsoft.com/supportingwindows/2015/05/20/use-azure-custom-routes-to-enable-kms-activation-with-forced-tunneling/

Facebooktwittergoogle_pluslinkedinmail

Leave a Reply