Академический Документы
Профессиональный Документы
Культура Документы
1 of 3
https://exchangequery.com/2014/10/25/ports-and-protocols-requirement-...
msexchangequery
Exchange Administration doesnt have to be hard
Protocol
5060/5061
TCP/UDP
Direction
Bidirectional
1434
UDP
443
STUN/TCP
Outgoing
444
HTTPS/TCP
Bidirectional
443
PSOM/TLS
Outgoing
3478
STUN/UDP
Outgoing
5223
TCP
50000 59999
RTP/UDP
5067
TCP/TLS
57501-65535
TCP/UDP
8057,8058
TCP/TLS
Bidirectional
Outgoing
Outgoing
Bidirectional
Bidirectional
Bidirectional
Usage
For SIP
For SQL servers
Audio, video, application sharing sessions
Lync Front End server
Data sharing sessions
Audio, video sessions, Desktop Sharing
Lync Mobile pushes notications
Audio, video sessions
Incoming SIP requests for Mediation servers.
VideoConferencing
Front End Service
9/26/2016 3:25 PM
Ports and protocols Requirement for Exchange and Lync Server Deploy...
2 of 3
https://exchangequery.com/2014/10/25/ports-and-protocols-requirement-...
For remote access to work for IM and Presence, it is mandatory that SIP trac is allowed to ow
bi-directionally. Hence, Port needs to be allowed as follows:
Port 443 and 5061 from Internet to Access Edge External IP (bi-directional)
Port 5061 from Edge Internal IP to Internal Network (bi-directional)
Edge server should be accessible from the Internet over port 443, 3478 and 5061.
Reverse Proxy require Port 443 to be opened.
For a Mobile Access user who is outside the corporate network, the request hits the Reverse Proxy and is
then sent to the Front End pool or Director.No user level authentication is done on the reverse proxy.
Its always recommend to implement a Director Server Role for additional security.The Director is both
ooading the authentication and providing an extra layer of security against DoS a acks.
Director must be in the same subnet where the Front End Servers reside which will be in the Private
network. It should not be in the perimeter or DMZ.
Below will be the Flow of mobile application requests for Mobility Service :
All the External user Lync log in requests through mobile devices > will go through the reverse proxy
server > and it will go to the edge server > and hit the front end pool.
The Microsoft Lync Server gets user information from Auto-discover Service and then it returns all the
Web Services URLs for the users home pool, including the Mobility Service URLs.
Below are the list of additional features that require external access through a reverse proxy for users
accessing them externally.We need to think of validating them once the deployment is completed.
1) Enabling external users to download meeting content for any meetings.
2) Enabling external users to expand distribution groups.
3) Enabling remote users to download les from the Address Book service.
4) Accessing the Microsoft Lync Web App client.
5) Accessing the Dial-in Conferencing Se ings webpage.
6) Accessing the Location Information service.
7) Enabling external devices to connect to Device Update web service and obtain updates.
Now we will look into the port requirement for Exchange servers as well.
Port Requirements for Exchange On-premise Servers (Applies to Exchange2 2010 and 2013):
Port
25
Protocol
Direction
Usage
SMTP
Bidirectional
50636
TCP
Bidirectional
135
TCP/RPC
80/443
HTTP/HTTPS
993
TCP
995/110
TCP
Outgoing
Bidirectional
Incoming
Incoming
9/26/2016 3:25 PM
Ports and protocols Requirement for Exchange and Lync Server Deploy...
3 of 3
5075-5077
5061
TCP
TCP
Incoming
Outgoing
https://exchangequery.com/2014/10/25/ports-and-protocols-requirement-...
For OWA and Outlook Anywhere port 443 should be opened in rewall.
For IMAP port 993 should be opened in Firewall.Port 25 should be opened on Firewall for both internal
and external internet mail ow trac.
I think most of the port requirement for Lync and Exchange deployment have been added above. Feel
free to comment or correct me if anything needs to be added or corrected.
Also Refer h p://social.technet.microsoft.com/wiki/contents/articles/28141.ports-and-protocolsrequirement-for-exchange-and-lync-server-deployment.aspx (h p://social.technet.microsoft.com
/wiki/contents/articles/28141.ports-and-protocols-requirement-for-exchange-and-lync-serverdeployment.aspx)
References:
h p://technet.microsoft.com/en-us/library/gg398833.aspx (h p://technet.microsoft.com/en-us/library
/gg398833.aspx)
h p://technet.microsoft.com/en-us/library/bb331973.aspx (h p://technet.microsoft.com/en-us/library
/bb331973.aspx)
h p://support.microsoft.com/kb/2409256#VerifyNetworkRequirements (h p://support.microsoft.com
/kb/2409256#VerifyNetworkRequirements)
h p://support.microsoft.com/kb/2423848 (h p://support.microsoft.com/kb/2423848)
h p://technet.microsoft.com/en-us/library/gg425727 (h p://technet.microsoft.com/en-us/library
/gg425727)
Thanks
Sathish Veerapandian
MVP Exchange Server
Blog at WordPress.com.
9/26/2016 3:25 PM