azure-local/concepts/firewall-requirements.md
9 additions & 2 deletions
@@ -31,7 +31,7 @@ Azure Local needs to periodically connect to Azure for:
31
31
- Ports 80 (HTTP) and 443 (HTTPS)
32
32
33
33
> [!IMPORTANT]
34
-
> Azure Local doesn't support HTTPS inspection. Make sure that HTTPS inspection is disabled along your networking path for Azure Local to prevent any connectivity errors.
34
+
> Azure Local doesn't support HTTPS inspection. Make sure that HTTPS inspection is disabled along your networking path for Azure Local to prevent any connectivity errors. This includes use of [Entra ID **tenant restrictions**](/entra/identity/enterprise-apps/tenant-restrictions) which is not supported for Azure Local management network communication.
35
35
36
36
As shown in the following diagram, Azure Local can access Azure using more than one firewall potentially.
37
37
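Review bot: in the sentence added to the IMPORTANT block, "This includes use of Entra ID tenant restrictions which is not supported" leaves the antecedent of "This" unclear (HTTPS inspection itself, or the instruction to disable it), and it does not say why tenant restrictions counts as HTTPS inspection. Suggest splitting it into its own sentence, for example "Entra ID tenant restrictions aren't supported for Azure Local management network communication", with a short clause giving the reason. The scope also shifts from "along your networking path" to "management network communication"; state whether other Azure Local traffic is affected so that readers know which paths to exempt.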
@@ -98,7 +98,6 @@ Ensure that the following firewall rules are configured in your on-premises fire
98
98
>[!NOTE]
99
99
> While installing Windows Admin Center, if you select the **Use WinRM over HTTPS only** setting, then port 5986 is required.
100
100
101
-
102
101
### Active Directory
103
102
104
103
Ensure that the following firewall rules are configured in your on-premises firewall for Active Directory (local security authority).
@@ -107,6 +106,14 @@ Ensure that the following firewall rules are configured in your on-premises fire
107
106
|:--|:--|:--|:--|:--|:--|
108
107
| Allow inbound/outbound connectivity to the Active Directory Web services (ADWS) and Active Directory Management Gateway Service | Allow | Active Directory Services | Azure Local | TCP | 9389 |
109
108
109
+
### Network Time Protocol
110
+
111
+
Ensure that the following firewall rules are configured in your on-premises firewall for Network Time Protocol (NTP).
| Allow inbound/outbound connectivity to the Network Time Protocol (NTP) server. This can be Active Directory domain controllers, or an NTP appliance | Allow | Azure Local | Network Time Protocol (NTP/SNTP) server | UDP | 123 |
116
+
110
117
### Failover Clustering
111
118
112
119
Ensure that the following firewall rules are configured in your on-premises firewall for Failover Clustering.
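Review bot: the new NTP row describes the rule as "Allow inbound/outbound connectivity" while its source and destination columns give a single direction, Azure Local to the NTP server on UDP 123. If the Azure Local machines act only as NTP clients, word the rule as outbound from Azure Local so that readers do not open UDP 123 inbound to the nodes without need; if inbound is really required, say what initiates it. In the same row, "This can be Active Directory domain controllers, or an NTP appliance" would read better as "The server can be an Active Directory domain controller or an NTP appliance."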