Intune urls and ip address ranges. It's important to avoid TLS Break and Inspect and Proxy Authentication for the Optimize and Allow category endpoints. Intune is a Mobile Device Management service that is part of Microsoft's Enterprise Mobility + Security offering. Jul 31, 2025 · Addresses: Lists the FQDNs or wildcard domain names and IP address ranges for the endpoint set. This option involves creating a custom rule within Intune's security policies tailored to allow inbound traffic on port 3389, which is used for access to Cloud PCs. We block all IP addresses that connect via HTTP unless explicitly whitelisted. On Zoom Status, Zoom announces scheduled maintenance when IP address updates are planned. To start blocking IP addresses and/or URLs, turn on the " Custom network indicators " feature in the Microsoft Defender portal. For IPv6, you can allow outbound connections to these network ranges: 2403:300::/32 2620:149::/32 2a01:b740::/32 HTTP proxy Oct 28, 2024 · Outbound traffic restrictions If your organization restricts outbound network traffic to specific IP ranges, you'll have to update these addresses to include IPv6 endpoints. TCP and UDP ports configured as described in Port and protocol requirements for Microsoft 365 and Microsoft 365 URLs and IP address ranges for Microsoft Teams. Allow the ports, IP addresses, and endpoint URLs in your proxy server configuration. Jan 5, 2022 · I would like to add IP address range for Microsoft Intune to our FW whitelist to allow a certain server to register device over CLI (maybe Connect-MSGraph command). com/changes/USGovGCCHigh/2020072800?singleVersion=true&clientRequestId=b10c5ed1-bad1-445f-b386-b919946339a7 Oct 20, 2025 · To start blocking IP addresses and/or URLs, turn on the " Custom network indicators " feature in the Microsoft Defender portal. This optimization includes identifying and removing duplicate IP addresses and then aggregating the remaining IP addresses into a smaller number of contiguous address ranges. Afterward, it displays the information in an Out-GridView Windows for easy sorting and filtering (You can copy your selection in the window with CTRL-C) or to a CSV if you Mar 24, 2025 · To add routes for all current IP address ranges in the Optimize category, you can use the following script variation to query the Microsoft 365 IP and URL web service for the current set of Optimize IP subnets and add them to the route table. Oct 24, 2022 · If you use Microsoft Intune (aka Microsoft Endpoint Configuration Manger) and are filtering Internet access from your corporate network, you need to update your firewall filtering configuration to update the allowed IP addresses for Microsoft Intune. The feature is found in Settings > Endpoints > General > Advanced features. Under the AzureActiveDirectory section, the IP ranges 40. Apr 6, 2025 · This article provides a list of ports and IP addresses you need to allow and allowlist to work with Microsoft Defender for Cloud Apps. Oct 20, 2025 · This file contains the IP address ranges for US Government Azure as a whole, each Azure region within US Government , and ranges for several Azure Services (Service Tags) such as Storage, SQL and AzureTrafficManager in US Government . com and many others. In the Internet Service Database (ISDB), there are multiple entries for Microsoft Office 365. May 1, 2023 · Each Site has a Server configuration (IP ranges, DNS servers, and split tunneling rules) that is applied to the Servers attached to that Site. For example, if google. Intune uses Azure AD ranges to gain access to several Intune services, and depending on your configuration, you may see an end-user affect if action is not taken. Oct 29, 2023 · Reducing the Defender for Endpoint URL set by more than 60% Offering the option to use static Defender for Endpoint-dedicated IP ranges instead of URLs when configuring their network environments Adding support for Defender for Endpoint Azure service tags – that´s nice! Mar 15, 2023 · This list includes some of the FQDNs and IP Addresses used by Microsoft Services, this may be useful for identifying outgoing traffic and creating web filtering exceptions. 0/24, you can create and deploy this Jun 24, 2025 · Review endpoints for Intune. Allow specific URL’s Oct 16, 2025 · FQDN and IP addresses where the Global Secure Access service receives traffic Add Anycast IP ranges for accessing the Global Secure Access service edge to your enterprise Access Control Lists (ACLs) and firewalls. For IPv4, you can allow outbound connections to 17. For example, If you want to allow RDP from source 10. We then specify which sites are used for which devices/apps via policy in Intune. You need one extra IP address per dev box, and one IP addresses for the health check and Dev Box infrastructure. If you're using a Next Generation Firewall (NGFW), you need to use a dynamic list made for Azure IP addresses to make sure you can connect. xd78 rerfmh bwpwr lrns lwr9uu av0ou blc gvsy sspk ymdkt