locked
what are the ports required for Lync? RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Dear Lync Expert,

    I would like to allow clients to access lync via the SSL VPN, which is safer in term of security. May i know what kind of ports that i should allowed in the firewall in order to achieve this?

    Thanks

    Regards,

    H

    Sunday, April 30, 2017 2:57 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Alice,

    Thanks for the advise.

    I tried to allow only:

    https: 443

    SIP: 5060, 5061

    It is able to work without have to open up the whole range of ports. basically, we use it only for chatting.

    Thanks

    Regards,

    H

    • Proposed as answer by Alice-Wang Wednesday, May 3, 2017 8:48 AM
    • Marked as answer by Henry2050 Wednesday, May 3, 2017 9:51 AM
    Tuesday, May 2, 2017 10:27 AM

All replies

  • Question
    Sign in to vote
    1
    Sign in to vote

    Hi Herry,

    Based on your description, I understand that you want use Lync for external access.

    If this is your requirement, we suggest you install Edge server for your environment because Edge server is the required component for external access, please refer to

    https://technet.microsoft.com/en-us/library/gg425779(v=ocs.15).aspx

    The following blog is about Edge server ports you need to open, please refer to

    https://technet.microsoft.com/en-us/library/gg425891(v=ocs.15).aspx

    Regards,

    Alice Wang

    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, May 1, 2017 2:41 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Herry,

    Based on your description, I understand that you want use Lync for external access.

    If this is your requirement, we suggest you install Edge server for your environment because Edge server is the required component for external access, please refer to

    https://technet.microsoft.com/en-us/library/gg425779(v=ocs.15).aspx

    The following blog is about Edge server ports you need to open, please refer to

    https://technet.microsoft.com/en-us/library/gg425891(v=ocs.15).aspx

    Regards,

    Alice Wang

    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Hi Alice,

    Thanks for the advise on how to setup edge servers.

    However, actually what we want to achieve is we don't want to allow users to access lync externally as it pose some security risk. Thus, we would like to actually allow lync connection when the user is connected to the SSL VPN only.

    That's why i would like to know what ports that i need to whitelist in firewall for the connection to the internal lync server.

    Please help to advise.

    Many Thanks

    Regards,

    H

    Monday, May 1, 2017 7:03 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Herry,

    please refer to

    This article is for your reference
    https://blogs.technet.microsoft.com/nexthop/2011/11/14/enabling-lync-media-to-bypass-a-vpn-tunnel/

    Moreover, please read this article which describes the ports and protocols for Lync internal server
    https://technet.microsoft.com/en-us/library/gg398833.aspx

    Regards,

    Alice Wang

    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, May 1, 2017 7:23 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Alice,

    Thanks for the advise.

    I tried to allow only:

    https: 443

    SIP: 5060, 5061

    It is able to work without have to open up the whole range of ports. basically, we use it only for chatting.

    Thanks

    Regards,

    H

    • Proposed as answer by Alice-Wang Wednesday, May 3, 2017 8:48 AM
    • Marked as answer by Henry2050 Wednesday, May 3, 2017 9:51 AM
    Tuesday, May 2, 2017 10:27 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Herry,

    You could mark your reply as an answer, it will help others who has the similar issue

    Regards,

    Alice Wang

    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, May 3, 2017 8:49 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You may use either lync as external or internal through VPN.For access it through VPN you need to have all internal ports allowed.Which are

    5061 to FE Pool

    443 to Internal Webservices

    For Desktop Sharing and AV from VPN you may need media port ranges to LAN client IPs or edge internal Interface with 443,UDP 3478)

    Also you need to have all internal DNS resolution to Lync pool,webservices etc..

    Jayakumar K

    Wednesday, May 3, 2017 9:20 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You may use either lync as external or internal through VPN.For access it through VPN you need to have all internal ports allowed.Which are

    5061 to FE Pool

    443 to Internal Webservices

    For Desktop Sharing and AV from VPN you may need media port ranges to LAN client IPs or edge internal Interface with 443,UDP 3478)

    Also you need to have all internal DNS resolution to Lync pool,webservices etc..

    Jayakumar K

    Hi  Jayakumar,

    Yes. I have actually allowed 443 and 5061.

    Almost forgot about desktop sharing. May I know what are the specific ports for this activity?

    Thanks

    Regards,

    H

    Wednesday, May 3, 2017 9:45 AM