# Azure Virtual Desktop The Azure virtual machines you create for Azure Virtual Desktop must have access to the following URLs in the Azure commercial cloud: | **Address** | **Outbound TCP port** | **Purpose** | **Service tag** | | ------------------------------------------------------------------- | --------------------- | ---------------------------------------- | ------------------- | | \*.wvd.microsoft.com | 443 | Service traffic | AzureVirtualDesktop | | gcs.prod.monitoring.core.windows.net | 443 | Agent traffic | AzureCloud | | production.diagnostics.monitoring.core.windows.net | 443 | Agent traffic | AzureCloud | | \*xt.blob.core.windows.net | 443 | Agent traffic | AzureCloud | | \*eh.servicebus.windows.net | 443 | Agent traffic | AzureCloud | | \*xt.table.core.windows.net | 443 | Agent traffic | AzureCloud | | \*xt.queue.core.windows.net | 443 | Agent traffic | AzureCloud | | catalogartifact.azureedge.net | 443 | Azure Marketplace | AzureCloud | | kms.core.windows.net | 1688 | Windows activation | Internet | | mrsglobalsteus2prod.blob.core.windows.net | 443 | Agent and SXS stack updates | AzureCloud | | wvdportalstorageblob.blob.core.windows.net | 443 | Azure portal support | AzureCloud | | 169.254.169.254 | 80 | Azure Instance Metadata service endpoint | N/A | | 168.63.129.16 | 80 | Host health monitoring | N/A | | | 443 | Joining a host to a host pool | AzureVirtualDesktop | The following table lists optional URLs that your Azure virtual machines can have access to: | **Address** | **Outbound TCP port** | **Purpose** | **Azure Gov** | | --------------------------------------------------------- | --------------------- | --------------------------------------------------- | ------------------------ | | \*.microsoftonline.com | 443 | Authentication to Microsoft Online Services | login.microsoftonline.us | | \*.events.data.microsoft.com | 443 | Telemetry Service | None | | [www.msftconnecttest.com](http://www.msftconnecttest.com) | 443 | Detects if the OS is connected to the internet | None | | \*.prod.do.dsp.mp.microsoft.com | 443 | Windows Update | None | | login.windows.net | 443 | Sign in to Microsoft Online Services, Microsoft 365 | login.microsoftonline.us | | \*.sfx.ms | 443 | Updates for OneDrive client software | oneclient.sfx.ms | | \*.digicert.com | 443 | Certificate revocation check | None | | \*.azure-dns.com | 443 | Azure DNS resolution | None | | \*.azure-dns.net | 443 | Azure DNS resolution | None | For up to date information, please also visit the Microsoft website at .