The following are the requirements of Skype for Business Online, note this information can change as the service evolves. This is from the clients machine to Office 365:
Port Destination | Protocol | Client Usage | Direction |
443 | TCP | SIP Signalling | Outbound |
443 | TCP | Audio, Video, Application sharing sessions and Web Conferencing | Outbound |
3478, 3479, 3480, 3481 | UDP | Audio and Video Sessions | Outbound |
5223 | TCP | Skype for Business Mobile push notifications – iOS Only | Outbound |
50000 TO 59999 INCLUSIVE | RTC/UDP/TCP | Audio and Video Sessions | Outbound |
50000 TO 59999 INCLUSIVE | TCP | Application Sharing and File Transfer | Outbound |
The following is the URL’s that SfB Online from the client will use to get to the SfB Online servers so if the traffic is going through internet proxies and you are having issues these URL’s will be helpful:
*.lync.com crl.microsoft.com evsecure-ocsp.verisign.com evsecure-aia.verisign.com evsecure-crl.verisign.com sa.symcb.com sd.symcb.com config.edge.skype.com pipe.skype.com s-0001.s-msedge.net s-0004.s-msedge.net *.omniroot.com *.verisign.com *.symcb.com *.symcd.com *.verisign.net *.geotrust.com *.entrust.net *.public-trust.com *.cqd.lync.com *.infra.lync.com *.online.lync.com *.resources.lync.com *.config.skype.com *.skypeforbusiness.com *.pipe.aria.microsoft.com
Is there a minimum client version required to benefit from the port changes?
This change applies to all clients supported against Skype for Business Online. No clients are excluded and there are no specific minimum version required.
So which ports are required for clients?
All clients need to be able to directly connect to Skype for Business Online on the following destination ports:
TCP: 80, 443 UDP: 3478, 3479, 3480, 3481 Optional: UDP/TCP 50,000-59,999
Office 365
The following is the baseline firewall ports and URL’s required to consume Office 365. The followind will detail the other services:
Default ports are 80, 443, 25 (for any client mail routing outside of Exchange this would also require 587) and 49443 if ADFS is being used with ClientTLS.
The main URL’s for the proxy are as follows:
*.office.com *.office365.com *.office.net *.microsoftonline.com *.microsoft.com *’live.com *.windows.net *.microsoftonline-p.com *.microsoftonline-p.net *.microsoftonlineimages.com *.msecnd.net *.msocdn.com *.onmicrosoft.com *.activedirectory.windowsazure.com *.phonefactor.net *.aadrm.com – optional Azure Rights Management *.azurerms.com – optional Azure Rights Management *.cloudapp.net – optional Azure Rights Management & MOM Pack dc.services.visualstudio.com – optional Azure AD RemoteApp liverdcxstorage.blob.core.windowsazure.com – optional Azure AD RemoteApp telemetry.remoteapp.windowsazure.com – optional Azure AD RemoteApp vortex.data.microsoft.com – optional Azure AD RemoteApp http://www.remoteapp.windowsazure.com – optional Azure AD RemoteApp ADFS Name – if using ADFS