Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

The ultimate Microsoft Fabric, Power BI, Azure AI & SQL learning event! Join us in Las Vegas from March 26-28, 2024. Use code MSCUST for a $100 discount. Register Now

Reply
RhysLFS
New Member

Mass IP Whitelisting for Azure Datacenter

Hi there,

 

Setting up an On-Prem Power BI Gateway and having issues with the proxy service this server sits under.

 

Looking to open up the IP addresses for the Azure Datacenter and have been knocked back by IT Architecture/Security saying that the list is to large and generic and needs to be narrowed down to the specific list of IP's that the Gateway will use to talk to the Azure Datacenter.

 

Currently I can't find any documentation to support narrowing this list down to any subset other than what's provided by the below link. Has anyone been able to establish what IPs the Power BI service will communicate on?

 

https://powerbi.microsoft.com/en-us/documentation/powerbi-gateway-onprem-indepth/#ports

 

Any help is appreciated.

1 ACCEPTED SOLUTION
RhysLFS
New Member

Hi All,

 

Found a solution to my problem.

 

Downloading the newest version of the Power BI Gateway (or at least something from Februrary 2017 onwards) and setting the ServiceBusSystemConnectivityModeString to Https will force the Gateway to use Fully Qualified Domain Names (FQDN) instead of the IP addresses. These FQDN's are a part of the initial whitelist of proxies found in the on prem how to guide provided by Microsoft.

 

This also has the advantage of being future proof as the chaging IP addresses will still point to the same FQDNs.

 

Thanks Microsoft for providing this functionality.

 

Cheers.

View solution in original post

8 REPLIES 8
RhysLFS
New Member

Hi All,

 

Found a solution to my problem.

 

Downloading the newest version of the Power BI Gateway (or at least something from Februrary 2017 onwards) and setting the ServiceBusSystemConnectivityModeString to Https will force the Gateway to use Fully Qualified Domain Names (FQDN) instead of the IP addresses. These FQDN's are a part of the initial whitelist of proxies found in the on prem how to guide provided by Microsoft.

 

This also has the advantage of being future proof as the chaging IP addresses will still point to the same FQDNs.

 

Thanks Microsoft for providing this functionality.

 

Cheers.

v-sihou-msft
Employee
Employee

@RhysLFS

 

It's not possible the narrow down the Microsoft Azure Datacenter IP list. And you have to monitor and change it timely since this list is updated weekly. See: On-Premises Data Gateway FAQ

 

Regards,

i have a 3rd party vendor supplying data to me via amazon redshift.  they require whitelisting ip addresses.  in order for me to grab the data from redshift into power bi, i have to ask them to whitelist a new set of ip addresses each week?  how do i find what region my datacenter is in?

Hi Mmeyers,

 

We were also in this pickle, although in this scenario I am in the position of your redshift partner.  Annoyingly, PowerBI service isn`t split by region in the list of IP`s (lots of other products are like PowerQueryOnline and ADF) so what we had to do is download the list of IP`s, geolocate the IP addresses from the country\azure region where we know the PowerBI tenant is (we know this, there`s only 3) then white list the CIDR ranges from there.  All this is done in an automated fashion as the list of IP addresses is published every so often.  It`s the only way we could figure out how to do it.  Microsofts usual response is to use a gateway but a gateway won`t work if you want to push a dashboard out as a PowerBI app.

Why would a gateway not suffice for delivering content via a PBI app? Is it because you are a partner and not on the customer's tenant?

Template apps don`t support the use of either personal or enterprise gateways.

why create/maintain a gateway when powerbi service has the ability to connect to amazon redshift directly?

Exactly my point too.  Another cloud BI tool I work with (Qliksense) can supply 2 static IP addresses for whitelisting.

Helpful resources

Announcements
March Fabric Community Update

Fabric Community Update - March 2024

Find out what's new and trending in the Fabric Community.

Fabric Community Conference

Microsoft Fabric Community Conference

Join us at our first-ever Microsoft Fabric Community Conference, March 26-28, 2024 in Las Vegas with 100+ sessions by community experts and Microsoft engineering.

Fabric Partner Community

Microsoft Fabric Partner Community

Engage with the Fabric engineering team, hear of product updates, business opportunities, and resources in the Fabric Partner Community.

Top Solution Authors
Top Kudoed Authors