The following is the baseline firewall ports and URL’s required to consume Office 365 in my other posts I will detail the other services:
Default ports are 80, 443, 25 (for any client mail routing outside of Exchange this would also require 587) and 49443 if ADFS is being used with ClientTLS.
The main URL’s for the proxy are as follows:
*.office.com
*.office365.com
*.office.net
*.microsoftonline.com
*.microsoft.com
*’live.com
*.windows.net
*.microsoftonline-p.com
*.microsoftonline-p.net
*.microsoftonlineimages.com
*.msecnd.net
*.msocdn.com
*.onmicrosoft.com
*.activedirectory.windowsazure.com
*.phonefactor.net
*.aadrm.com – optional Azure Rights Management
*.azurerms.com – optional Azure Rights Management
*.cloudapp.net – optional Azure Rights Management & MOM Pack
dc.services.visualstudio.com – optional Azure AD RemoteApp
liverdcxstorage.blob.core.windowsazure.com – optional Azure AD RemoteApp
telemetry.remoteapp.windowsazure.com – optional Azure AD RemoteApp
vortex.data.microsoft.com – optional Azure AD RemoteApp
http://www.remoteapp.windowsazure.com – optional Azure AD RemoteApp
ADFS Name – if using ADFS
For the full list of IP addresses which are not recommended please see here – https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US#BKMK_Portal-identity