Inbound Exchange hybrid URLs

Copper Contributor

Hi Community, For inbound traffic from EXO to EXCH in a hybrid deployment, other than port 25 for mail delivery, the only other inbound traffic required is for outlook.office.com and outlook.office365.com on TCP 443 to connect to EXCH for autodiscover and EWS/MRS?

4 Replies

Hi @Northerly 

you will need to allow below in firewall URL so Client can connect 

Office 365 URLs and IP address ranges - Microsoft 365 Enterprise | Microsoft Learn

For Exchage Server

TCP 443 (HTTPS) for outlook,OWA,ActiveSync,EWS,MRS (Migrations)

TCP 25 (SMTP) for mail flow

if you d0n't want to open port in you Firewall to exchange server you can deploy Hybrid Agent (Built on Azure App Proxy Technology)

 

 

If I have answered your question, please mark your post as Solved

If you like my response, please give it a Like :smile:

Appreciate your Kudos! Proud to contribute! 🙂

 

 

Hi Recep, thanks for the response. I'm aware of the O365 URLs and the Hybrid deployment protocols, ports, and endpoints doc, however it just says Exchange Online Endpoints. Those EXO endpoints I believe are outlook.office.com and outlook.office365.com. Hybrid Agent will not be used.

Hi @Northerly 

there is also 

*.outlook.com,*.protection.outlook.com,*.mail.protection.outlook.com

if your firewall support rest API you can configure it will do all requires for you.

 

 


If I have answered your question, please mark your post as Solved

If you like my response, please give it a Like :smile:

Appreciate your Kudos! Proud to contribute! 🙂

 

 

@Deleted 

 

great, thanks Recep.

basically, all of the EXO endpoints require an inbound rule and a separate outbound rule on the firewall for ports 443 or 25 based on Office 365 URLs and IP address ranges - Microsoft 365 Enterprise | Microsoft Learn