Hello All,

I have been reading this forum for a while, a lot useful information can be found here Slight smile but this is the first time when I have to ask for help.

Recently we have set up new Infrastructure for our client, Dynamics 365 on premises DEV, QA, UAT and PROD all with SharePoint Online and Exchange Online integration. All Azure Vm's

Few days ago client receive an email form Microsoft Azure:

" The Windows Transport endpoint is enabled. It is recommended that the endpoint be disabled from the extranet due to a known security vulnerability.

Recommended action

Please disable the endpoints immediately from being exposed to the extranet by executing the following PowerShell cmdlets below. There is no end user impact to performing this operation.

  1. Set-AdfsEndpoint -TargetAddressPath /adfs/services/trust/2005/windowstransport -Proxy $false
  2. Set-AdfsEndpoint -TargetAddressPath /adfs/services/trust/13/windowstransport -Proxy $false

It is also strongly recommended to implement AD FS lockout protection policies in your AD FS farm if you have not done so already. "

From that point all external URL's stopped working. They still resolve to correct IP's but there is no external access to the Dynamics.

SharePoint and Exchange Integration still works, also internal access still working fine.

When I run tracert command I have communication till  ae26-0.icr01.dub07.ntwk.msn.net [104.44.239.33] and it's time out after that point.

Does anyone experienced this problem before?

Thanks in advance.

P