Topic Last Modified: 2013-02-16

To configure your firewall for ports and protocols necessary to support public instant messaging connectivity, first note that SIP/MTLS/TCP 5061 is bidirectional to account for the ability of contacts in the public IM provider to contact Lync clients, or for Lync to contact public IM contacts.

Windows Live Messenger can participate in audio/video communications with Lync clients. This accounts for the very similar firewall port and protocol configuration that you would typically have on the firewall to support Lync clients as external users.

Important:
More than ever, Lync is a powerful tool for connecting across organizations and with individuals around the world. Federation with Windows Live Messenger requires no additional user/device licenses beyond the Lync Standard Client Access License (CAL). Skype federation will be added to this list, enabling Lync users to reach hundreds of millions of people with IM and voice.

Federation with Messenger client contacts will officially end on March 15, 2013, except for mainland China. Skype will become the federation client for federated users who previously used Messenger.

Firewall Summary – Public Instant Messaging Connectivity

Role/Protocol/TCP or UDP/Port Source IP address Destination IP address Notes

Access/SIP(MTLS)/TCP/5061

Public IM connectivity partners

Edge Server Access interface

For federated and public IM connectivity that use SIP.

Access/SIP(MTLS)/TCP/5061

Edge Server Access interface

Public IM connectivity partners

For federated and public IM connectivity that use SIP.

Access/SIP(TLS)/TCP/443

Clients

Edge Server Access interface

Client-to-server SIP traffic for external user access.

A/V/RTP/TCP/50,000-59,999

Edge Server Access interface

Live Messenger clients

Used for A/V sessions with Windows Live Messenger if public IM connectivity is configured.

A/V/STUN,MSTURN/UDP/3478

Edge Server Access interface

Live Messenger clients

Required for public IM connectivity with Windows Live Messenger.

A/V/STUN,MSTURN/UDP/3478

Live Messenger clients

Edge Server Access interface

Required for public IM connectivity with Windows Live Messenger.

See Also