Forum Discussion
Hybrid Exchange and firewall requirments
Can someone please confirm something for me. We are about to do a hybrid cloud deployment while we migrate from on-prem to fully EXO.
I'm told we need a firewall rule to allow port 25 and 443 inbound to my exchange hosts from below sources:
*.protection.outlook.com, 40.92.0.0/15, 40.107.0.0/16, 52.100.0.0/14, 52.238.78.88/32, 104.47.0.0/17
Does this sound like a correct requirement for a Exchange Hybrid setup? Good security practices tell me to not allow major ranges like that.
2 Replies
- That's actually a subset of the required URLs and IPs. Details of the requirements are published at the below link. You also need to open outbound connections as well.
https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide#exchange-online- Ok thanks for that but is the original question, correct? Do I need to allow all these IP's access to my exchange server? Seems like a lot wouldn't Microsoft use some kind of routing servers or something so you don't have to turn your firewall into Swiss cheese.
