Thursday
So this is going to be a Rogers NOC question. Someone from Rogers will have to relay to them to see if I can get an answer.
By default, for security reasons, Rogers blocks outbound SMB traffic (Port 445) to the internet. The problem is that my company is migrating to Azure Files, a cloud file share service by Microsoft, which uses SMB (Port 445) to share files. Can Rogers please whitelist *.file.core.windows.net in the firewall to allow this traffic? Mine in particular is being CNAMEd to file.lvl02prdstr10a.store.core.windows.net.
More information can be found here: https://learn.microsoft.com/en-us/azure/storage/files/storage-files-introduction
Saturday
Hello @gisuck,
Thanks for sharing your concerns with the rest of the community.
I understand this may be inconvenient but if a port is blocked or reserved, it is often done because we need to use that particular port for a reason. We cannot open any blocked or reserved ports. Is it possible for you to try using a different port?
Kind regards,
RogersYasmine
Saturday
Hi @RogersYasmine,
This would be blocked for security reasons. There were a high number of exploits against SMB back in the Windows 2000s, XP days. It's not uncommon for ISPs (not just Rogers) to block inbound and outbound traffic on this port. It would be in a similar vein where ISPs would block Port 25 so that email spam wouldn't come from zombie machines.
The ask would be to see if it would be considered to allow this traffic to Azure Files as this would be a public cloud service offering in their Office 365/Azure Entra ID portfolio as our organization moves from on-premises servers to cloud servers. And for context, if you don't know what SMB is, this would be accessing network file shares in the cloud instead of having a private server in your network to access these files. And no, this port cannot be changed because this is how Windows uses network file shares.
Our organization is looking into routing split tunnel VPN traffic to use our office internet connections where ISPs will not lift the block of SMB traffic to Azure Files. The problem is that, due to the chatty nature of the SMB protocol, any amount of added latency will dramatically slow down the traffic to the point where it's pretty much unusable. Right now, in testing this type of routing, a 6MB file is taking 6 minutes to download. Which is why I'm seeing if there are options to see if there is a way to ask the Rogers NOC to see if there's a way to whitelist the service for Azure Files.
Thanks