Inquiry About Port 10001 Usage in Azure ExpressRoute

Evan 0 Reputation points
2024-12-18T15:55:05.3766667+00:00

I received a new service alert regarding port 10001 on an IP associated with the ExpressRoute connections to our virtual network. It is understood that the ExpressRoute IP is managed entirely by Azure and the ISP, and it is not related to any of the systems utilizing the VNET or ExpressRoute.

Is there any known usage of port 10001 by ExpressRoute or Azure?

Azure ExpressRoute
An Azure service that provides private connections between Azure datacenters and infrastructure, either on premises or in a colocation environment.

1 answer

  1. KapilAnanth-MSFT 48,081 Reputation points Microsoft Employee
    2024-12-19T06:25:45.0166667+00:00

    @Evan,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    Your observation is correct.

    See: Why are certain ports opened on my ExpressRoute gateway

    They're required for Azure infrastructure communication. Azure certificates help protect them by locking them down. Without proper certificates, external entities, including the customers of those gateways, can't cause any effect on those endpoints. A virtual network gateway is fundamentally a multihomed device. One network adapter taps into the customer private network, and one network adapter faces the public network. Azure infrastructure entities can't tap into customer private networks for compliance reasons, so they need to use public endpoints for infrastructure communication. An Azure security audit periodically scans the public endpoints.

    I am afraid the usage of the port is internal and is mostly for management purposes only, and hence cannot be documented or shared in a public forum.

    Also, it is quite possible that the ports open are dynamic and may change periodically.

    As mentioned in the FAQ Section, without proper certificates, external entities, including the customers of those gateways, can't cause any effect on those endpoints.

    Thanks,

    Kapil


    Please Accept an answer if correct.

    Original posters help the community find answers faster by identifying the correct answer.
