Archive

Archive for January, 2017

TCP/IP Ports of SharePoint 2016

January 24, 2017 Leave a comment

SharePoint 2016 huh?!
(Long time since I last posted anything real here…)

Actually, this post is by popular demand πŸ™‚ This is the 2016 version of the post a wrote when SHarePoint 2013 was new, as you can see, not much has changed…I have updated a few lines with what I know now that I did not know then, thats it. Please let me know if I missed something.

The recommended approach is to create a GPO with these firewall rules and apply that rule to the SharePoint servers in your farm. Add all of them, best that way to avoid extreme t-shooting in the future.

Another but related recommendation is to configure the Loopback check funktion in Windows server to allow the FQDN’s of your web applications (Use theΒ Loopback check tool).

List of ports used by SharePoint 2013 and its related services.
Reference links at the end.

Protocol Port Usage Comment
TCP 80 http Client to SharePoint web server traffic
(SharePoint – Office Online Server/Office Web Apps communication)
TCP 443 https/ssl Encrypted client to SharePoint web server traffic
(Encrypted SharePoint – Office Online Server/Office Web Apps communication)
TCP 1433 SQL Server default communication port. May be configured to use custom port for increased security
UDP 1434 SQL Server default port used to establish connection May be configured to use custom port for increased security
TCP 445 SQL Server using named pipes When SQL Server is configured to listen for incoming client connections by using named pipes over a NetBIOS session, SQL Server communicates over TCP port 445
TCP 25 SMTP for e-mail integration CannotΒ in 2016 be configured (Use SMTP ports other than the default (25).)
TCP 16500-16519 Ports used by the search index component Intra-farm only
Inbound rule Added to Windows firewall by SharePoint. (GPO may override this change)
TCP 22233-22236 Ports required for the AppFabric Caching Service Used by the Distributed Cache…
TCP 808 Search – Query processing component
Windows Communication Foundation communication
Search – Query processing component
(WCF)
TCP 32843 Communication between Web servers and service applications http (default) To use custom port, see references section
Inbound rule Added to Windows firewall by SharePoint
TCP 32844 Communication between Web servers and service applications https
Inbound rule Added to Windows firewall by SharePoint
TCP 32845 net.tcp binding: TCP 32845 (only if a third party has implemented this option for a service application) Β Custom Service Applications
Inbound rule Added to Windows firewall by SharePoint
TCP 32846 Microsoft SharePoint Foundation User Code Service (for sandbox solutions) Β Inbound on all Web Servers
Inbound rule Added to Windows firewall by SharePoint
Outbound on all Web and App servers with service enabled.
TCP 636 User Profile Synchronization Service/Active Directory Import Synchronizing profiles between SharePoint 2016 and AD using SLDAP (Secure LDAP)
TCP 5725 User Profile Synchronization Service Synchronizing profiles between SharePoint 2016 and Active Directory Domain Services (AD DS)
TCP + UDP 389 User Profile Synchronization Service LDAP Service
TCP + UDP 88 User Profile Synchronization Service Kerberos
TCP + UDP 53 User Profile Synchronization Service DNS
UDP 464 User Profile Service Kerberos change password
TCP 809 Office Online Server/Office Web Apps Office Online Server/Office Web Apps intra-farm communication.

References:

Security for SharePoint Server 2016
https://technet.microsoft.com/en-us/library/mt683473(v=office.16).aspx

TCP/IP Ports of SharePoint 2013
https://blog.blksthl.com/2013/02/21/tcpip-ports-of-sharepoint-2013/

 


___________________________________________________________________________________________________

Enjoy!

Regards

Twitter | Technet Profile | LinkedIn

Advertisements