Forum Discussion
MicrosoftMigrating to the new web services based publishing for Office 365 IP Addresses and URLs
Paul,
Reaching out to you as I couldn't find another avenue to ask about this. We've started using rest-based clientrequestID method of retrieving the IPs and URLs necessary for us to create firewall rules in our environment. Everything has been going well with the exception that sometimes secure.aadcdn.microsoftonline-p.com is blocked because the IP it is resolving to an IP that is not on the most up to date list. Examples would be 23.57.51.177 or 104.100.70.5.
Am I missing something? Should those IPs be on the list?
MicrosoftHello Carlos Costa,
Taking a look for secure.aadcdn.microsoftonline-p.com I can see that it is in the Default network endpoint category. These two lines of PowerShell can be used to query it.
$e = invoke-restmethod -Uri ("https://endpoints.office.com/endpoints/WorldWide?noipv6&clientrequestid=" + ([GUID]::NewGuid()).Guid)
$e | Where-Object { "secure.aadcdn.microsoftonline-p.com" -in $_.urls }
We have a policy of not providing IP Addresses for Default category network endpoints and recommend that you direct network traffic for them to your default Internet egress point. No firewall rules should be required just as no firewall rules are required for other proxied connections.
Regards,
Paul