Article number
Affected Versions
Source Hypervisor
Target Hypervisor

How to Properly Configure ZCA Azure Endpoint Access

Viewed 1464 times


The Azure endpoints listed in this article are required for installation and for ongoing replication. The access is required for access to the Azure API and other Azure resources that Zerto uses to orchestrate replication, protection, and failover.


If a proxy exception is not allowed by the customer's internal security policy for all the Internet traffic generated by the ZCA, then access to the following specific Azure endpoints are required.

Authentication and management of access to Azure resources

Azure internal use

Note: This special public IP address is owned by Microsoft and will not change. We recommend that you allow this IP address in any local (in the VM) firewall policies (outbound direction). The communication between this special IP address and the resources is safe because only the internal Azure platform can source a message from this IP address. If this address is blocked, unexpected behavior can occur in a variety of scenarios. is a virtual IP of the host node and as such it is not subject to user defined routes.

ZCA deployment from Azure template

Azure internal use


Azure Analytics

Azure authentication