SharePoint 2010 / 2013 Firewall Rules


Firewall Rules Table

| Inbound/Outbound | From | Port | Type | To | Version |
|---|---|---|---|---|---|
| Inbound | Service Application | 32843, 32844 (HTTPS), 32845 (net.tcp binding) | HTTP | SharePoint Web Service | SP2010, SP2013 |
| Inbound | WFE (mail enabled list) | SMTP (TCP 25) | | | SP2010, SP2013 |
| Inbound | Index | TCP 80 or 443 | | WFE | SP2010, SP2013 |
| Inbound | All SharePoint Servers, but where Forefront Identity Management agent is installed | TCP/5725 | | Active Directory | SP2010, SP2013 |
| Inbound | All SharePoint Servers, but where Forefront Identity Management agent is installed | TCP/UDP 389 (LDAP service) | | Active Directory | SP2010, SP2013 |
| Inbound | All SharePoint Servers, but where Forefront Identity Management agent is installed | TCP/UDP 53 (DNS) | | Active Directory | SP2010, SP2013 |
| Inbound | All SharePoint Servers, but where Forefront Identity Management agent is installed | TCP/UDP 88 (Kerberos) | | Active Directory | SP2010, SP2013 |
| Inbound | All SharePoint Servers, but where Forefront Identity Management agent is installed | UDP 464 (Kerberos Change Password) | | Active Directory | SP2010, SP2013 |
| Inbound | All SharePoint Servers (depends on Central Admin config) | Office Server Web Services, TCP 56737, SSL 56738 | | App (Central Admin) | SP2010, SP2013 |
| Inbound | TS Jump point | RDP (TCP 3389) For Remote Admin | | APP (Central Admin) | SP2010, SP2013 |
| Inbound | Client IPs (as applicable) | TCP 80 or 443 | | ISA Web Pub or WFE | SP2010, SP2013 |
| Inbound | Index | TCP 80 or 443 | | WFE | SP2010, SP2013 |
| Inbound | Office Web Apps | 809 (private traffic between the servers that run Office Web Apps Server) | | All Servers | SP2013 |
| Outbound | ALL SharePoint Servers (Based on Authentication) | DNS (TCP/UDP 53) | | DC (AD) / DNS (LDAP) | SP2010, SP2013 |
| Outbound | External Content | DNS (TCP/UDP 53) | | DNS | SP2010, SP2013 |
| Outbound | ALL SharePoint Servers (Based on Authentication) | DS (TCP 445) | | DC (AD) / DNS (LDAP) | SP2010, SP2013 |
| Outbound | Index (File Shares) | Either NBT (TCP/UDP 137, 138, 139) or Direct-hosted SMB (TCP/UDP 445) | Server Message Block (SMB) | External Content | SP2010, SP2013 |
| Outbound | ALL SharePoint Servers (Based on Authentication) | Kerberos (UDP 88) | | DC (AD) / DNS (LDAP) | SP2010, SP2013 |
| Outbound | ALL SharePoint Servers (Based on Authentication) | LDAP/S (UDP 389/636) | | DC (AD) / DNS (LDAP) | SP2010, SP2013 |
| Outbound | ALL SharePoint Servers (Based on Authentication) | RPC (TCP 135) | | DC (AD) / DNS (LDAP) | SP2010, SP2013 |
| Outbound | WFE (SSO) | RPC for SSO (TCP 135), plus random high ports (Dynamic RPC) or restricted high ports (Static RPC) | | APP Servers | SP2010, SP2013 |
| Outbound | Index (Propagation) | Search Query, either NBT (TCP/UDP 137, 138, 139) or Direct-hosted SMB (TCP/UDP 445) | | Query | SP2010, SP2013 |
| Outbound | WFE (Search Request) | Search Query, either NBT (TCP/UDP 137, 138, 139) or Direct-hosted SMB (TCP/UDP 445) | Server Message Block (SMB) | Query | SP2010, SP2013 |
| Outbound | WFE (alerts) | SMTP (TCP 25) | | SMTP/Exchange | SP2010, SP2013 |
| Outbound | Index (BDC) | SQL (TCP 1433, UDP 1434) or custom port | | External Content | SP2010, SP2013 |
| Outbound | ALL SharePoint Servers | SQL (TCP 1433, UDP 1434) or custom port for Named SQL Instance | SQL Server Tabular Data Stream (TDS) | SQL Server | SP2010, SP2013 |
| Outbound | Index (Search Crawling) | TCP 80, TCP 443, TCP (custom) | HTTP | WFE | SP2010, SP2013 |
| Outbound | Index (Sites) | TCP 80, TCP 443, TCP (custom) | | External Content | SP2010, SP2013 |
| Outbound | WFE | TCP 80, TCP 443, TCP (custom) | HTTP | Index Server (search crawling) | SP2010, SP2013 |

 

Posted on by wpadmin
