Solved

Open ports /Ip's DirSync

Posted on 2014-01-28
5
2,443 Views
Last Modified: 2014-01-29
Good day

Can someone please tell me which ports and IP's we need to open on our firewall in order to have Dirsync working. I have read an article which recommends opening ports 443 and 80. Unfortunately we cannot just open these ports for any IP, and need to be more specific to keep our environment secure.
0
Comment
Question by:iamdieter
5 Comments
 
LVL 6

Expert Comment

by:Spyder2010
ID: 39814996
Here is the MS article detailing the Microsoft Office365 datacenter IP address ranges... I'm assuming that is what you are using DirSync for:

http://help.outlook.com/en-us/exchangelabshelp/gg263350

http://technet.microsoft.com/en-us/library/hh510075.aspx
0
 

Author Comment

by:iamdieter
ID: 39815020
Hi Spyder2010, thank you for the articles. These are the articles I came across, and am not prepared to create one rule on the firewall for 8 IP ranges. We are in the Ireland data center, and would like to know the exact IP's and ports we need to open.
0
 
LVL 6

Expert Comment

by:Spyder2010
ID: 39815053
I see.  Our company recently moved to Office365, and we ran across the same issues, but unfortunately were told that we needed to open ports to all of the ranges listed in those articles.... due to MS having datacenters all over the globe, they claimed that your clients may be redirected to different datacenters depending on network load, maintenance, geographical location, etc...

The only options I know of would be to contact Microsoft directly... I would assume you have a contract of some sort(CloudVantage?) with them if you're using DirSync... you can ask them for specific IPs, maybe you'll have better luck than we did, but most likely they are going to tell you that you need to open the firewall to all of the ranges in the articles.

You could run network traffic monitoring software on your network, and sort through the logs to see which of the ranges your clients are making connections to, and only open to those... however, I would say that would put you into an 'unsupported configuration' by MS's standards, and if you ever have connection issues, they are likely going to ask that you open to all of the ranges before they will troubleshoot further.

Sorry this isn't a better answer, this is just what I've run into with my experiences dealing with MS, O365, and a similar situation.
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 39815326
You can open those ports only for *.microsoftonline.com
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 39816496
You should only need to open 80 and 443 (inbound/outbound) to the following:
*.microsoftonline.com and *.verisign.com

Jeff
TechSoEasy
0

Featured Post

ScreenConnect 6.0 Free Trial

Check out the updates in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI that improves session organization and overall user experience. See the enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question