Azure: Summary of ISPs that Allow / Disallow Access from Port 445
Azure Files uses SMB 3.0's encrypted transport to enable access via the Internet. When you deploy an Azure file share within a storage account, your file share is immediately accessible via the storage account's public endpoint. This means that authenticated requests, such as requests authorized by a user's logon identity, can originate securely from inside or outside of Azure.
In many customer environments, an initial mount of the Azure file share on your on-premises workstation will fail, even though mounts from Azure VMs succeed. The reason for this is that many organizations and internet service providers (ISPs) block the port that SMB uses to communicate, port 445. This practice originates from security guidance about legacy and deprecated versions of the SMB protocol. Although SMB 3.0 is an internet-safe protocol, older versions of SMB, especially SMB 1.0 are not. Azure file shares may only be externally accessed via SMB 3.0 and the FileREST protocol (which is also an internet safe protocol) via the public endpoint.
This Wiki page lists a community-maintained, non-exhaustive list of ISPs that block port 445. If you are an administrator for your organization trying to set up Azure Files access for working from home, you should assume all or most of your end-users will have port 445 block by their ISPs, even if their ISPs do not appear in this list. You can easily work around port 445 limitations imposed by your end-users' ISPs by setting up a Point-to-Site VPN connections. You can also work around your organizations network restrictions using a Site-to-Site VPN or ExpressRoute connection. To learn more, see Azure Files networking considerations.
Allow
Below the alphabetically sorted list
| Company | URL | Region | Condition |
| AT&T | TBD | Through a cellphone wifi hotspot | |
| Frontier | See http://www.frontierhelp.com/faq.cfm?qstid=504 | TBD | Allowed, however their website appears to indicate it is blocked - potentially this is just for inbound traffic. |
| Mediacom - | TBD | ||
| CenturyLink | TBD | ||
| KPN | |||
| Time Warner Cable | |||
| Paxio | Silicon Valley | ||
| DST | Brunei | ||
| TelBru | Brunei | ||
| Entel - Internet Mobile | Peru | ||
| Vivo Fibra | Brazil | Home and Business users |
|
| Verizon - Home and Business |
Disallow
| Company | URL | Region | Condition |
| AT&T U-Verse | |||
| Bell (Canada) | Canada | Fibe (Disallowed) | |
| Charter Spectrum | |||
| Charter Spectrum Business | |||
| Comcast | See http://customer.xfinity.com/help-and-support/internet/list-of-blocked-ports | ||
| Cox Communication -Residential | See: Cox Internet Ports Blocked | ||
Verizon Wireless - Through a cellphone wifi hotspot. |
|||
T-Mobile |
Through a cellphone WiFi hotspot. | ||
| Optimum Online | port 445 is disallowed for both residential and business accounts | ||
Ziggo |
|||
| TDS Telecom | See https://tdstelecom.com/support/internet/setup-block-internet-ports.html | ||
| Telenet | BE | ||
| OnsBrabantNet Glasvezel | NL | ||
| XS4ALL | NL | ||
| Videotron | |||
| RCN | |||
Rogers Cable (Canada) |
Canada | All Home and SMB Services including Ignite (Disallowed) Cell tethering (Allowed) |
|
Claro Peru- All Home Service |
Peru | ||
| NET Virtua (Brazil) | Brazil | ||
| Movistar Peru- | Peru | All Home Service | |
Vivo Mobile |
BR | 4G, LTE and 3G | |
| Movistar Peru- All Home Service | |||
| Vodafone | India | 4G, LTE and 3G |
See also