Topic Last Modified: 2013-02-15

The reverse proxy has minimal requirements for firewall and port/protocol.

Port and Protocol Details

Firewall Details for Reverse Proxy Server: External Interface

Protocol/TCP or UDP/Port Source IP Address Destination IP Address Notes

HTTP/TCP/80

Any

Reverse proxy listener

(Optional) Redirection to HTTPS if user enters http://<publishedSiteFQDN>.

Also required if using Office Web Apps for conferencing and the Autodiscover Service for mobile devices running Lync in situations where the organization does not want to modify the external web service publishing rule certificate.

HTTPS/TCP/443

Any

Reverse proxy listener

Address book downloads, Address Book Web Query service, Autodiscover, client updates, meeting content, device updates, group expansion, Office Web Apps for conferencing, dial-in conferencing, and meetings.

Firewall Details for Reverse Proxy Server: Internal Interface

Protocol/TCP or UDP/Port Source IP Address Destination IP Address Notes

HTTP/TCP/8080

Internal reverse proxy interface

Front End Server, Front End pool, Director, Director pool

Required if using the Autodiscover Service for mobile devices running Lync in situations where the organization does not want to modify the external web service publishing rule certificate.

Traffic sent to port 80 on the reverse proxy external interface is redirected to a pool on port 8080 from the reverse proxy internal interface so that the pool Web Services can distinguish it from internal web traffic.

HTTPS/TCP/4443

Internal reverse proxy interface

Front End Server, Front End pool, Director, Director pool

Traffic sent to port 443 on the reverse proxy external interface is redirected to a pool on port 4443 from the reverse proxy internal interface so that the pool web services can distinguish it from internal web traffic.

HTTPS/TCP/443

Internal reverse proxy interface

Office Web Apps for conferencing