![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 32%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
2,250 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 95%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKG%3C/text%3E%3C/svg%3E)
Hi @ZIYAD MORSI,
Thank you for posting your question in the Microsoft Q&A forum.
Based on your description, your issue is that you are experiencing a warning that Mitigations Cloud endpoint is not reachable when deploying exchange2019.
1. about the warning:
- You can ignore the warning to continue installing Exchange 2019, but the Exchange Emergency Mitigation (EM) service may not work properly.
2. About the EM service:
- The Exchange Emergency Mitigation Service (EM Service) helps secure Exchange Server by applying mitigations to address any potential threats against the server. It uses the cloud-based Office Config Service (OCS) to check and download available mitigations and sends diagnostic data to Microsoft. o EM is an optional service.
- EM is an optional service that administrators have the ability to disable. In fact, on Exchange servers without an Internet connection, EM needs to be disabled because it does not work without an Internet connection. In this case, or when you do not want to use automatic mitigation, it is recommended to use EOMT to manually apply the available mitigation features.
- If you have an outbound Internet connection but are using restrictions, you need to enable the outbound connection to the OCS, i.e. https://officeclient.microsoft.com.
3. Ways to resolve the warning:
- Check the connection: using the ‘Test-NetConnection officeclient.microsoft.com -Port 443’ command, check the connection between the computer with Exchange Server installed and this endpoint. If ‘TcpTestSucceeded: False’ is returned, you need to troubleshoot firewall or proxy issues.
- Firewall issues: Make sure that connections to officeclient.microsoft.com are excluded from SSL checking workflows performed by firewalls or third-party software such as AntiVirus, as this may break the certificate validation logic built into the EM service.
- Web proxy issues: If a web proxy is deployed for outbound connections, the InternetWebProxy parameter needs to be configured on the Exchange server.
More details can be found in the document: https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/exchange-emergency-mitigation-service?view=exchserver-2019#connectivity
If the answer is helpful, please click on “Accept answer” as it could help other members of the Microsoft Q&A community who have similar questions and are looking for solutions.
Thank you for your support and understanding.