The following table summarizes the ports and protocols used by Office Communications Servers and clients.
 Note: |
|---|
| Windows Firewall must be running before you start the services on Office Communications Server, because that is when Office Communications Server opens the required ports in the firewall. |
For details about firewall configuration, see Firewall Requirements for External User Access. For details on load balancer configuration, see Planning Load Balancing.
Table 1. Ports and Protocols Used by Office Communications Server and Clients
| Component (server role or client) | Port | Protocol | Notes |
|---|---|---|---|
|
Front End Servers |
5060/5061 |
TCP MTLS |
Used by Standard Edition servers and Enterprise pools for all internal SIP communications between servers and between servers and Office Communicator. |
|
Front End Servers |
443 |
HTTPS |
Used for communication from Front End Servers to the Web farm FQDNs (the URLs used by Web Components). |
|
Front End Servers |
444 |
HTTPS |
Used for communication between the Focus (the Office Communications Server component that manages conference state) and the conferencing servers. |
|
Front End Servers |
80 |
TCP |
Used for communication from Front End Servers to the Web farm FQDNs (the URLs used by Web Components) when HTTPS is not used. |
|
Front End Servers |
135 |
DCOM and remote procedure call (RPC) |
Used when a load balancer is deployed. Port 135 is used by the Front End Servers for Windows Management Instrumentation (WMI) operations and for moving users (a remote DCOM-based database operation). |
|
Front End Servers |
5062 |
TCP |
Used for incoming SIP listening requests for IM conferencing. |
|
Front End Servers |
5063 |
TCP |
Used for incoming SIP listening requests for audio/video (A/V) conferencing. |
|
Front End Servers |
5064 |
TCP |
Used for incoming SIP listening requests for telephony conferencing. |
|
Front End Servers |
5065 |
TCP |
Used for incoming SIP listening requests for application sharing. |
|
Front End Servers |
5069 |
TCP and MTLS |
Used by QoE Agent on the Front End Server. |
|
Front End Servers |
5071 |
TCP |
Used for incoming SIP listening requests for Response Group Service. |
|
Front End Servers |
5072 |
TCP |
Used for incoming SIP listening requests for Conferencing Attendant. |
|
Front End Servers |
5073 |
TCP |
Used for incoming SIP listening requests for Conferencing Announcement Service. |
|
Front End Servers |
5074 |
TLS |
Used for incoming SIP listening requests for Outside Voice Control. |
|
Front End Servers |
8057 |
TLS |
Used to listen to direct Persistent Shared Object Model (PSOM) connections from a Microsoft Office Live Meeting 2007 client. |
|
Front End Servers |
8404 |
TLS |
Used for internal server communications (remoting over MTLS) for Response Group Service. |
|
Front End Servers |
49152-65335 |
User Datagram Protocol (UDP) |
Used for media port range. |
|
Load balancer for Front End Servers |
5060/5061 |
TCP MTLS |
Used by Standard Edition servers and Enterprise pools for all internal SIP communications between servers and between servers and Office Communicator. |
|
Load balancer for Front End Servers |
443 |
HTTPS |
Communication from Front End Servers to the Web farm FQDNs (the URLs used by Web Components). |
|
Load balancer for Front End Servers |
444 |
HTTPS |
Communication between the Focus (the Office Communications Server component that manages conference state) and the conferencing servers. |
|
Load balancer for Front End Servers |
135 |
DCOM and RPC |
Used when a load balancer is deployed. Port 135 is used by the Front End Servers for WMI operations and for moving users (a remote DCOM-based database operation). |
|
Load balancer for Front End Servers |
5065 |
TCP |
Used for incoming SIP listening requests for application sharing. |
|
Load balancer for Front End Servers |
5069 |
TCP |
Used by the QoE Agent on the Front End Servers. |
|
Load balancer for Front End Servers |
5071 |
TCP |
Used for incoming SIP listening requests for Response Group Service. |
|
Load balancer for Front End Servers |
5072 |
TCP |
Used for incoming SIP listening requests for Conferencing Attendant. |
|
Load balancer for Front End Servers |
5073 |
TCP |
Used for incoming SIP listening requests for Conferencing Announcement Service. |
|
Load balancer for Front End Servers |
5074 |
TLS |
Used for incoming SIP listening requests for Outside Voice Control. |
|
Communicator Web Access server |
80 |
HTTP |
Used if HTTPS is not configured. |
|
Communicator Web Access server |
88 |
Kerberos |
Used for Kerberos authentication. |
|
Communicator Web Access server |
389 |
LDAP |
Used for Lightweight Directory Access Protocol on the domain controller. |
|
Communicator Web Access server |
443 |
HTTPS |
HTTP over TLS or SSL. |
|
Communicator Web Access server |
3268 |
MSFT-GC |
Used for LDAP on the global catalog. |
|
Communicator Web Access server |
5061 |
SIP |
Used for SIP traffic. |
|
Communicator Web Access |
49152 to 65535 |
Used for desktop sharing. |
|
|
Microsoft Office Communications Server 2007 R2 Group Chat Server |
49152-65335 |
TLS |
Used for SIP traffic to communicate with Office Communications Server 2007 R2 servers. |
|
Group Chat Server |
443 |
HTTPS |
Used for secure file transfer with the Group Chat Web service. |
|
Group Chat Server |
8010 |
TLS |
Used for peer server synchronization/WCF ports for the Lookup Server. |
|
Group Chat Server |
8011 |
TLS |
Used for peer server synchronization/Windows Communication Foundation (WCF) ports for the Channel Server. |
|
Group Chat Server |
5041 |
MTLS |
Used for listening port for the Channel service. |
|
Monitoring Server |
135 |
Message Queuing and RPC |
Used for message queuing RCP operations. |
|
Archiving Server |
135 |
Message Queuing and RPC |
Used for message queuing RCP operations. |
|
Director |
5060/5061 |
TCP |
Used for internal communications between servers. |
|
Load balancer for Director |
5060/5061 |
TCP |
Used for internal communications between servers. |
|
Mediation Server |
60000-64000 |
UDP |
Used for media port range. |
|
Mediation Server |
5061 |
TCP |
Used for listening. |
|
Mediation Server |
5060 |
TCP |
Used for gateway listening port and next hop. |
|
Reverse Proxy |
443 |
TCP |
Used for SIP/TLS communications from external users on both the internal and external firewalls for external user access. |
|
Edge Server |
5061 |
TCP |
Used for SIP/MTLS communication for remote user access or federation. |
|
Edge Server |
5062 |
TCP |
Used for SIP/MTLS authentication of A/V users. Communications flow outbound through the internal firewall. |
|
Edge Server |
443 |
TCP |
Used for SIP/TLS communication for remote user access, accessing internal Web conferences, and STUN/TCP inbound and outbound media communications for accessing internal media and A/V sessions. |
|
Edge Server |
8057 |
TCP |
Used to listen for PSOM/MTLS communications from the Web Conferencing Server on the internal interface of the Web Conferencing Edge Server. |
|
Edge Server |
3478 |
UDP |
Used for STUN/UDP inbound and outbound media communications. |
|
Edge Server |
50,000-59,999 |
RTP/TCP |
Used for inbound and outbound media transfer through the external firewall. |
|
Load balancer for Edge Servers |
443 |
TCP |
Used for internal ports for SIP/TLS communication for remote user access, accessing internal Web conferences, and STUN/TCP inbound and outbound media communications for accessing internal media and A/V sessions. |
|
Load balancer for Edge Servers |
5061 |
TCP |
Used for internal ports for SIP/MTLS communication for remote user access or federation. |
|
Load balancer for Edge Servers |
5062 |
TCP |
Used for internal ports for SIP/MTLS authentication of IM communications flowing outbound through the internal firewall. |
|
Load balancer for Edge Servers |
3478 |
UDP |
Used for internal ports for STUN/UDP inbound and outbound media communications. |
|
Load balancer for Edge Servers |
443 |
TCP |
Used for external ports for SIP/TLS communication for remote user access, accessing internal Web conferences, and STUN/TCP inbound and outbound media communications for accessing internal media and A/V sessions. |
|
Load balancer for Edge Servers |
5061 |
TCP |
Used for external ports for SIP/MTLS communication for remote user access or federation. |
|
Load balancer for Edge Servers |
3478 |
TCP |
Used for external ports for STUN/UDP inbound and outbound media communications. |
|
Office Communicator |
5060 |
TCP (SIP) |
Used by Office Communicator for SIP communications internally. |
|
Office Communicator |
5061 |
TCP (SIP) |
Used by Office Communicator for SIP communications internally and for SIP/MTLS authentication of A/V users. Communications flow outbound through the internal firewall. |
|
Office Communicator |
443 |
TCP (HTTP) |
Used by Office Communicator clients connecting from outside the intranet for SIP communications. |
|
Office Communicator |
1024-65535 |
UDP/TCP |
Port range used for inbound and outbound media transfer through the external firewall. |
|
Office Communicator |
6891-6901 |
TCP |
Port range used by Office Communicator for file transfer. |
|
Live Meeting 2007 client |
443 |
TCP |
Used by Live Meeting 2007 clients connecting from outside the intranet for:
|
|
Live Meeting 2007 client |
8057 |
TCP |
Used for outgoing PSOM traffic sent to the Web Conferencing Server. |
|
Live Meeting 2007 client |
5061 |
TCP |
Used for SIP/TLS communication between Live Meeting and the Front End Servers or the Access Edge Server and for SIP/MTLS authentication of A/V users. Communications flow outbound through the internal firewall. |
|
Live Meeting 2007 client |
1024-65535 |
UDP/TCP |
Port range used for inbound and outbound media transfer through the external firewall. |
|
Live Meeting 2007 client |
6891-6901 |
TCP |
Port range used by Live Meeting for file transfer. |
|
2007 R2 version of Communicator Mobile |
5060 |
TCP SIP |
Used by Communicator Mobile for SIP communications internally. |
|
2007 R2 version of Communicator Mobile |
5061 |
TCP SIP |
Used by Communicator Mobile for SIP over TLS communications internally. |
|
2007 R2 version of Communicator Mobile |
443 |
TCP (HTTP) |
Used by Communicator Mobile for connecting from outside the intranet for SIP communications. |