Skip to content

Commit 13ed393

Browse files
Merge pull request #16699 from sethmanheim/hubki1-06
Update download URL and add to Hub known issues
2 parents f8a5ad6 + 89aad4b commit 13ed393

File tree

2 files changed

+15
-5
lines changed

2 files changed

+15
-5
lines changed

azure-stack/operator/azure-stack-integrate-endpoints.md

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ title: Publish Azure Stack Hub services in your datacenter
33
description: Learn how to publish Azure Stack Hub services in your datacenter.
44
author: sethmanheim
55
ms.topic: article
6-
ms.date: 01/10/2022
6+
ms.date: 01/06/2025
77
ms.author: sethm
88
ms.reviewer: wamota
99
ms.lastreviewed: 09/30/2021
@@ -62,21 +62,20 @@ With the addition of the [Extension Host](azure-stack-extension-host-prepare.md)
6262
| |ftp.appservice.*&lt;region>.&lt;fqdn>*|TCP, UDP|21, 1021, 10001-10100 (FTP)<br>990 (FTPS)|
6363
|VPN Gateways| | IP Protocol 50 & UDP| Encapsulation Security Payload (ESP) IPSec & UDP 500 and 4500
6464

65-
6665
## Ports and URLs (outbound)
6766

6867
Azure Stack Hub supports only transparent proxy servers. In a deployment with a transparent proxy uplink to a traditional proxy server, you must allow the ports and URLs in the following table for outbound communication. For more information on configuring transparent proxy servers, see [Transparent proxy for Azure Stack Hub](azure-stack-transparent-proxy.md).
6968

7069
SSL traffic interception is [not supported](azure-stack-firewall.md#ssl-interception) and can lead to service failures when accessing endpoints. The maximum supported timeout to communicate with endpoints required for identity is 60s.
7170

72-
> [!Note]
71+
> [!NOTE]
7372
> Azure Stack Hub doesn't support using ExpressRoute to reach the Azure services listed in the following table because ExpressRoute may not be able to route traffic to all of the endpoints.
7473
7574
|Purpose|Destination URL|Protocol / Ports|Source Network|Requirement|
7675
|---------|---------|---------|---------|---------|
7776
|**Identity**<br>Allows Azure Stack Hub to connect to Microsoft Entra ID for User & Service authentication.|**Azure**<br>`login.windows.net`<br>`login.microsoftonline.com`<br>`graph.windows.net`<br>`https://secure.aadcdn.microsoftonline-p.com`<br>`www.office.com`<br>ManagementServiceUri = `https://management.core.windows.net`<br>ARMUri = `https://management.azure.com`<br>`https://*.msftauth.net`<br>`https://*.msauth.net`<br>`https://*.msocdn.com`<br>**Azure Government**<br>`https://login.microsoftonline.us/`<br>`https://graph.windows.net/`<br>**Azure China 21Vianet**<br>`https://login.chinacloudapi.cn/`<br>`https://graph.chinacloudapi.cn/`<br>**Azure Germany**<br>`https://login.microsoftonline.de/`<br>`https://graph.cloudapi.de/`|HTTP 80,<br>HTTPS 443|Public VIP - /27<br>Public infrastructure Network|Mandatory for a connected deployment.|
78-
|**Marketplace syndication**<br>Allows you to download items to Azure Stack Hub from the Marketplace and make them available to all users using the Azure Stack Hub environment.|**Azure**<br>`https://management.azure.com`<br>`https://*.blob.core.windows.net`<br>`https://*.azureedge.net`<br>**Azure Government**<br>`https://management.usgovcloudapi.net/`<br>`https://*.blob.core.usgovcloudapi.net/`<br>**Azure China 21Vianet**<br>`https://management.chinacloudapi.cn/`<br>`http://*.blob.core.chinacloudapi.cn`|HTTPS 443|Public VIP - /27|Not required. Use the [disconnected scenario instructions](azure-stack-download-azure-marketplace-item.md) to upload images to Azure Stack Hub.|
79-
|**Patch & Update**<br>When connected to update endpoints, Azure Stack Hub software updates and hotfixes are displayed as available for download.|`https://*.azureedge.net`<br>`https://aka.ms/azurestackautomaticupdate`|HTTPS 443|Public VIP - /27|Not required. Use the [disconnected deployment connection instructions](azure-stack-update-prepare-package.md) to manually download and prepare the update.|
77+
|**Marketplace syndication**<br>Allows you to download items to Azure Stack Hub from the Marketplace and make them available to all users using the Azure Stack Hub environment.|**Azure**<br>`https://management.azure.com`<br>`https://*.blob.core.windows.net`<br>`https://*.azureedge.net`<br>`https://azurestackhub.download.prss.microsoft.com`<br>**Azure Government**<br>`https://management.usgovcloudapi.net/`<br>`https://*.blob.core.usgovcloudapi.net/`<br>**Azure China 21Vianet**<br>`https://management.chinacloudapi.cn/`<br>`http://*.blob.core.chinacloudapi.cn`|HTTPS 443|Public VIP - /27|Not required. Use the [disconnected scenario instructions](azure-stack-download-azure-marketplace-item.md) to upload images to Azure Stack Hub.|
78+
|**Patch & Update**<br>When connected to update endpoints, Azure Stack Hub software updates and hotfixes are displayed as available for download.|`https://*.azureedge.net`<br>`https://azurestackhub.download.prss.microsoft.com`<br>`https://aka.ms/azurestackautomaticupdate`|HTTPS 443|Public VIP - /27|Not required. Use the [disconnected deployment connection instructions](azure-stack-update-prepare-package.md) to manually download and prepare the update.|
8079
|**Registration**<br>Allows you to register Azure Stack Hub with Azure to download Azure Marketplace items and set up commerce data reporting back to Microsoft. |**Azure**<br>`https://management.azure.com`<br>**Azure Government**<br>`https://management.usgovcloudapi.net/`<br>**Azure China 21Vianet**<br>`https://management.chinacloudapi.cn`|HTTPS 443|Public VIP - /27|Not required. You can use the disconnected scenario for [offline registration](azure-stack-registration.md).|
8180
|**Usage**<br>Allows Azure Stack Hub operators to configure their Azure Stack Hub instance to report usage data to Azure.|**Azure**<br>`https://*.trafficmanager.net`<br>`https://*.cloudapp.azure.com`<br>**Azure Government**<br>`https://*.usgovtrafficmanager.net`<br>`https://*.cloudapp.usgovcloudapi.net`<br>**Azure China 21Vianet**<br>`https://*.trafficmanager.cn`<br>`https://*.cloudapp.chinacloudapi.cn`|HTTPS 443|Public VIP - /27|Required for Azure Stack Hub consumption based licensing model.|
8281
|**Windows Defender**<br>Allows the update resource provider to download antimalware definitions and engine updates multiple times per day.|`*.wdcp.microsoft.com`<br>`*.wdcpalt.microsoft.com`<br>`*.wd.microsoft.com`<br>`*.update.microsoft.com`<br>`*.download.microsoft.com`<br><br>`https://secure.aadcdn.microsoftonline-p.com`<br>|HTTPS 80, 443|Public VIP - /27<br>Public infrastructure Network|Not required. You can use the [disconnected scenario to update antivirus signature files](azure-stack-security-av.md#disconnected-scenario).|

azure-stack/operator/known-issues.md

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -237,6 +237,17 @@ To access known issues for a different version, use the version selector dropdow
237237

238238
::: moniker-end
239239

240+
::: moniker range="azs-2406 || azs-2408 || azs-2311"
241+
## Update
242+
243+
### Update URL is changing
244+
245+
- Applicable: This issue applies to all supported versions of Azure Stack Hub.
246+
- Cause: The update URL for Azure Stack Hub is changing from `https://azurestackhub.azureedge.net/PR/download` to `https://azurestackhub.download.prss.microsoft.com`.
247+
- Remediation: To enable the update process, you must update your client firewall rules to allow HTTPS traffic from the Azure Stack Hub base URL `https://azurestackhub.download.prss.microsoft.com`.
248+
- Occurrence: Common.
249+
::: moniker-end
250+
240251
<!------------------------------------------------------------>
241252
<!------------------- UNSUPPORTED VERSIONS ------------------->
242253
<!------------------------------------------------------------>

0 commit comments

Comments
 (0)