Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.
Hi,
We have a customer, who liked to use the Power BI Enterprsie Gateway. The customer has an firewall installed that blocks all incoming traffic. We found a list with ports https://powerbi.microsoft.com/de-de/documentation/powerbi-gateway-enterprise/#ports here. The problem is the Firewall and Proxy can only pass Ip Adress no DNS adresses like
*.powerbi.com | 443 | HTTPS |
Does anybody knows the full IP-Adresses for alle these Microsoft Services ? For your Customer it is very urgent. Thanks a lot.
*.powerbi.com | 443 | HTTPS |
*.analysis.windows.net | 443 | HTTPS |
*.login.windows.net | 443 | HTTPS |
*.servicebus.windows.net | 5671-5672 | Advanced Message Queuing Protocol (AMQP) |
*.servicebus.windows.net | 443, 9350-9354 | Listeners on Service Bus Relay over TCP (requires 443 for Access Control token acquisition) |
*.frontend.clouddatahub.net | 443 | HTTPS |
**.core.windows.net | 443 | HTTPS |
login.microsoftonline.com | 443 | HTTPS |
login.windows.net | 443 | HTTPS |
Kind regards
Lukas
Solved! Go to Solution.
Here is the list of Azure Data Center IP's. Those ports are for Azure Service Bus and not Power BI specifically. We don't list IP ranges for specific services as the IPs can change based on service needs. This should get you what you need.
Microsoft Azure Datacenter IP Ranges
https://www.microsoft.com/en-us/download/details.aspx?id=41653
Hello,
I know this thread is a bit old but I am facing the same issue with on-premise enterprise gateway and corporate firewall.
The tool fails to create/configure a gateway. I was able to extract these exceptions from the configurator logs. Your help is highly appreciated!
EnterpriseGatewayConfigurator.exe Information: 0 : backendUriFromService: https://wabi-north-europe-redirect.analysis.windows.net/ EnterpriseGatewayConfigurator.exe Warning: 0 : DiscoverUnifiedGateway returned exception: System.AggregateException: One or more errors occurred. ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host at System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult) at System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult) --- End of inner exception stack trace --- at System.Net.Security._SslStream.EndRead(IAsyncResult asyncResult) at System.Net.TlsStream.EndRead(IAsyncResult asyncResult) at System.Net.Connection.ReadCallback(IAsyncResult asyncResult) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult) at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar) --- End of inner exception stack trace --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.PowerBI.DataMovement.ExternalClient.PowerBIDataMovementClientExtensions.<GetUnifiedGatewayClustersRequireAdminAsync>d__40.MoveNext() --- End of inner exception stack trace --- at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification) at Microsoft.PowerBI.DataMovement.GatewayUiCommon.WizardViewModelBase.GetGatewayCollection(HttpClient gatewayHttpClient) ---> (Inner Exception #0) System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host at System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult) at System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult) --- End of inner exception stack trace --- at System.Net.Security._SslStream.EndRead(IAsyncResult asyncResult) at System.Net.TlsStream.EndRead(IAsyncResult asyncResult) at System.Net.Connection.ReadCallback(IAsyncResult asyncResult) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult) at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar) --- End of inner exception stack trace --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.PowerBI.DataMovement.ExternalClient.PowerBIDataMovementClientExtensions.<GetUnifiedGatewayClustersRequireAdminAsync>d__40.MoveNext()<--- EnterpriseGatewayConfigurator.exe Information: 0 : Model gateway state: Unconfigured.
Note that we have already configured firewall rules to allow traffic on the ports listed in https://docs.microsoft.com/en-us/data-integration/gateway/service-gateway-communication
Dear All,
I have the same problem. My customer wants to add the IP ranges for PowerBI online services to be part of the exceptions to use the Data Gateway installed on their DMZ server to access PowerBI. Kindly advise if this is possible.
Thanks,
Mahmoud
Dea
These are outbound connections. Not inbound. Is outbound traffic on those items being blocked?
Yes, outgoing communication to non standard-ports is being blocked
(standard 443) should be working
(non standard 5671-5672 and 9350-9354) is not working and agreed from firewall team that these ports a being blocked and target IPs are needed
Here is the list of Azure Data Center IP's. Those ports are for Azure Service Bus and not Power BI specifically. We don't list IP ranges for specific services as the IPs can change based on service needs. This should get you what you need.
Microsoft Azure Datacenter IP Ranges
https://www.microsoft.com/en-us/download/details.aspx?id=41653
Hi there,
I know it was tagged as solved but in my case it didn't solve the problem.
So, we are facing the same problem a year later and the proposed solution is not quite practical for us. That files sums up about 3000 IP addresses.
In normal cases it's fine (nowadays firewalls are pretty good) but in our case we are in AWS environment and we use Security Groups (SG) and the maximum number of rules is 50.
The other alternative was to use the domain list provided in Power BI website but in that list there are wild cards for subdomains. That makes the situation harder because we would need a software (proxy) that can treat all requests and see if it's ok or not (that by itself can bring other security concerns)
Anyhow, I don't know if one year later a more elegant solution has been devised and if so please let us know.
Frank
Thank you for this hint.
I checked the download. It is currently not available 😞
I just tried it and it worked. It is just an xml file. This could change in the furture! for the benefit of other folks maybe seeing this in the future. Please try to download it from the above link first - as that will have the latest version!
I tried to attach the file, but it isn't letting me. Even if i rename it to .txt. 😞 Can you try the download page again?
It's working again. The File includes a date and this was changed in the last days.
Now I got the list..
Thank you!
Hi thanks for you reply.
I can't download the file with the IP ranges. The file seems not be in place. Can you please send me a copy, if you have on?
Kind regards
Lukas