This blog post should show you the communications ports between Skype for Business Frontend Servers and Clients and other servers involved in Skype communication.
| Edge External | |||||
|---|---|---|---|---|---|
| Source | Destination | Direction | Destination Port | Protocol | Description |
| Edge Internal IP | SfB Front End | Inbound | 5061 | TCP | Outbound SIP traffic from your Director, Director pool, Front End Server or Front End pool to your Edge Server internal interface. |
| SfB Front End | Edge Internal IP | Outbound | 5061 | TCP | Outbound SIP traffic from your Director, Director pool, Front End Server or Front End pool to your Edge Server internal interface. |
| 8057 | TCP | Web conferencing traffic from your Front End Server or each Front End Server (if you have a Front End pool) to your Edge Server internal interface | |||
| 5062 | TCP | Authentication of A/V users from your Front End Server or Front End pool, or your Survivable Branch Appliance or Survivable Branch Server, using your Edge Server. | |||
| 4443 | TCP | Replication of changes from your Central Management store to your Edge Server. | |||
| 50001 – 50003 | TCP | Centralized Logging Service controller using Skype for Business Server Management Shell and Centralized Logging Service cmdlets, ClsController command line (ClsController.exe) or agent (ClsAgent.exe) commands and log collection. | |||
| 3478 | UDP | Preferred path for A/V media transfer between your internal and external users and your Survivable Branch Appliance or Survivable Branch Server. | |||
| 443 | TCP | Fallback path for A/V media transfer between your internal and external users and your Survivable Branch Appliance or Survivable Branch Server, if UDP communication doesn’t work. TCP is then used for file transfers and desktop sharing. | |||
| Mediation Server | SfB Front End | Inbound | 5061 | TCP | SIP / TLS |
| 5070 | TCP | Used by the Mediation Server for incoming requests from the Front End Server | |||
| 49152 – 57500 | TCP / UDP | SRTP / RTCP | |||
| SfB Front End | Mediation Server | Outbound | 5061 | TCP | SIP / TLS |
| 5070 | TCP / UDP | Used by the Mediation Server for incoming requests from the Front End Server | |||
| 49152 – 57500 | TCP / UDP | SRTP / RTCP | |||
| 3478 | UDP | STUN | |||
| 443 | TCP / UDP | STUN | |||
| 445 | TCP | Replication of changes from your Central Management store to Mediation through SMB | |||
| Client | SfB Front End | Inbound | 5061 | UDP | SIP |
| 443 | TCP | HTTPS | |||
| 80 | TCP | HTTP | |||
| 3478 | UDP | This is used for relaying media traffic | |||
| 448 | TCP | Used for call admission control by the Skype for Business Server Bandwidth Policy Service. | |||
| 8057 | TCP / UDP | Used to listen for Persistent Shared Object Model (PSOM) connections from client. | |||
| 49152 – 65535 | TCP / UDP | RTP / SRTP A/V / Webconf / AppSharing | |||
| SfB Front End | Client | Outbound | 3478 | UDP | STUN/TURN negotiation of candidates over UDP on port 3478 |
| SfB Front End | SQL Backend | Outbound | 1433 | TCP | SQL Connection Default Port |
| 1434 | UDP | Eventually necessary when using named instances. | |||
| SfB Front End | Office Online Server | Outbound | 443 | TCP | Office Online Server |
| SfB Front End | File Share | Outbound | 445 | TCP | SMB to Server with Skype SMB Share |
| Exchange Server | SfB Front End | Inbound | 5061 | TCP | SIP |
| SfB Front End | Exchange Server | Outbound | 5061 | TCP | SIP (Client Access server – Microsoft Unified Messaging Call Router service) |
| 443 | TCP | STUN | |||
| 3478 | UDP | STUN | |||
Remarks:
- The effectively needed ports on the high port range 49152 – 65535 may be different if you choose to restrict Audio, Video and App Sharing ports to some smaller range.
- If you find any mistake or have questions feel free to comment.
