Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
Hi,
at my company we recently started to use Power BI. We use an on-premise MySQL database, we'd like to get the data from.
I read that to get past our firewall and access the database from Power BI online, we would need to either whitelist the domain names or the Microsoft Azure IP ranges list. https://powerbi.microsoft.com/en-us/documentation/powerbi-gateway-enterprise/
Both ways aren't working for us. Whitelisting the domain names (mentioned in the link above) isn't possible since wildcards are not supported. Our IT admin told me that whitelisting the list of IP ranges also isn't possible, since we don't want to open up our database to such a big (and varying) list of IP ranges.
Is anyone aware of a way to allow Power BI online to get past the firewall of an on-premise database without having to whitelist such a big list of IP ranges?
(I'm neither a developer nor a database specialist. Please keep that in mind when phrasing an answer 😛 )
I appreciate every hint and help I can get, since I really want to make this work!
Thanks for your time!
Sebastian
Solved! Go to Solution.
@reinholz The complete security whitepaper that your IT dept can look at is here. You don't need to open all the ports, you can just open 443, as stated at the end of the whitepaper.
Which ports are used by Enterprise Gateway and Personal Gateway? Are there any domain names that need to be allowed for connectivity purposes?
For Power BI, the Enterprise Gateway and Personal Gateway use the same ports. All service connections are outbound (from the on-premises listening server), initiated by Service Bus, so there’s no need to open incoming ports on the on-premises server.
The following steps outline the connection process, where the listener is the on-premises server on which the Enterprise Gateway or Personal Gateway is running:
As such, the only port requirement for the Enterprise Gateway and Personal Gateway is port 443, however the other ports listed in the above process will be attempted first, before falling back to port 443.
During the process, the listener will attempt to communicate with domains necessary to establish a secure connection with the Power BI service. In cases where domain connections are blocked unless explicitly allowed, the domains which may need to be added to the approved connection list can be found in the Power BI Gateway documentation.
@reinholz The complete security whitepaper that your IT dept can look at is here. You don't need to open all the ports, you can just open 443, as stated at the end of the whitepaper.
Which ports are used by Enterprise Gateway and Personal Gateway? Are there any domain names that need to be allowed for connectivity purposes?
For Power BI, the Enterprise Gateway and Personal Gateway use the same ports. All service connections are outbound (from the on-premises listening server), initiated by Service Bus, so there’s no need to open incoming ports on the on-premises server.
The following steps outline the connection process, where the listener is the on-premises server on which the Enterprise Gateway or Personal Gateway is running:
As such, the only port requirement for the Enterprise Gateway and Personal Gateway is port 443, however the other ports listed in the above process will be attempted first, before falling back to port 443.
During the process, the listener will attempt to communicate with domains necessary to establish a secure connection with the Power BI service. In cases where domain connections are blocked unless explicitly allowed, the domains which may need to be added to the approved connection list can be found in the Power BI Gateway documentation.
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Check out the April 2024 Power BI update to learn about new features.