My firewall recently blocked Microsoft Azure AD Connect which caused issues with syncing to 365. Turns out the issue was that my IPS (Intrusion Prevention System) flagged it as being “suspected RST injection”.
Normally when something like this happens it’s typically the IPS being overly sensitive and I usually can whitelist the specific detection however the IPS is blocking other things correctly that are also flagged as “suspected RST injection” because this is Microsoft Azure I can’t simply just whitelist the IP or a short IP range because there are so many and they can change fairly often.
Microsoft does list some of the IPs for most of 365 on their website however the IPs that were being blocked from my side of things was 126.96.36.199 and 188.8.131.52. Which aren’t in the main lists as they are part of the Azure side of things.
There’s a link on the same page that will take you to a download page for all the Azure IPs. However they update that file weekly. AWS publishes a JSON file of their IPs here.
It’s been years that people have asked for Microsoft to just publish the IPs in a JSON file like how AWS does. There’s a feedback request from 2016 asking for something like that here. Microsoft did make the JSON file available but in a roundabout way.