cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Device Management in Teams, URLs and IP address ranges

Alistair Keay
Brass Contributor

‎Jun 25 2020 08:34 AM

‎Jun 25 2020 08:34 AM

Device Management in Teams, URLs and IP address ranges

Is there any documentation on the URLs used with a Teams desk phone?

Specifically related to device management.

(Similar to Office 365 URLs and IP address ranges)

 

Capturing the traffic from a phone, from the point of it booting, to it pulling down new firmware it appears to reach out to the following largely in the order shown below

 

pool.ntp.org
<manufacturer URL. Eg g.cn>
www.google.com
2.android.pool.ntp.org
login.windows.net
*.teams.microsoft.com
outlook.office.com
in.appcenter.ms
teamsdevicemgmtsvcprod.blob.core.windows.net 

So overall everything up to the last two URLs are documented either by the manufacturer or from Office 365 URLs and IP address ranges.

 

I did stumble upon

https://www.msxfaq.de/teams/telefon/teams_phone_management.htm

 

Reason for asking is from my home network, phone updates work without a hitch

However from the corporate network with Palo Alto Firewalls the phones aren't updating

I need to understand the process and work with the network team to fix this etc.

 

Any advice welcome

 

Labels:
8,326 Views
1 Like
3 Replies
Reply
3 Replies
best response confirmed by ThereseSolimeno (Microsoft)
Linus Cansby

‎Jun 28 2020 12:16 PM

‎Jun 28 2020 12:16 PM

Solution

Re: Device Management in Teams, URLs and IP address ranges

You should only have to open for the URLs and addresses mentioned in the Office 365 URLs and IP documentation. https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-...

 

Other addresses it tries to connect to is since it is running Android and Android will try to connect to those addresses. NTP settings you can change in the phone settings so you use something else than ntp.org if you want to.

 

Updates should be downloaded from Microsoft servers after you have approved them in Teams Admin Center or when you trigger a phone to update firmware or software from TAC.

0 Likes
Reply
Alistair Keay

‎Jun 30 2020 02:28 PM

‎Jun 30 2020 02:28 PM

Re: Device Management in Teams, URLs and IP address ranges

thanks for the reply

however the url 

https://teamsdevicemgmtsvcprod.blob.core.windows.net

appears to be where the phone firmware is actually downloaded from

i noted this in my network capture (looking at dns queries) and the article I linked to also noted this in the phone logs Plus actually pulled firmware from the url.

i can’t find mention of this in any ms documentation. However you are welcome for you to prove me a liar!
so you can see why I am a bit worried. If this is true, what else might there be.

3 Likes
Reply
maikthulhu

‎Mar 11 2021 10:27 PM

‎Mar 11 2021 10:27 PM

Re: Device Management in Teams, URLs and IP address ranges

@Alistair Keay sorry to dig up such an old topic, but did you find a definitive answer on this? I've had a phone working intermittently (keeps getting stuck at the Company Portal app) on a network with just the currently published web service IPs and have noticed denies for addresses which point at things like mobile.azure.com and/or in.appcenter.ms. I don't know if they're critical, but it would be nice to figure this out.

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by ThereseSolimeno (Microsoft)
Linus Cansby

‎Jun 28 2020 12:16 PM

‎Jun 28 2020 12:16 PM

Solution

Re: Device Management in Teams, URLs and IP address ranges

You should only have to open for the URLs and addresses mentioned in the Office 365 URLs and IP documentation. https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-...

 

Other addresses it tries to connect to is since it is running Android and Android will try to connect to those addresses. NTP settings you can change in the phone settings so you use something else than ntp.org if you want to.

 

Updates should be downloaded from Microsoft servers after you have approved them in Teams Admin Center or when you trigger a phone to update firmware or software from TAC.

View solution in original post

0 Likes
Reply