Below are the ports required for Office 365

Purpose

Credentials Used

Source

Source Port

Destination

Destination Port

Office 365 Portal and help content

Logged on user

Client computer

Ephemeral Ports

Portal.office.com

Home.office.com

*.office365.com

*.office.com

*.office.net

TCP 80 & 443

Authentication and support services

Logged on user

Client computer

Ephemeral Ports

*.microsoftonline.com

*.microsoft.com

*.live.com

*.windows/net

TCP 80 & 443

CDNs used for portal authentication

Logged on user

Client computer

Ephemeral Ports

*.microsoftonline-p.com

*.microsoftonline-p.net

*.microsoftolineimages.com

*.msecnd.net

TCP 80 & 443

CDNs used for portal authentication

Logged on user

Client computer

Ephemeral Ports

*.msocdn.com

TCP 80 & 443

Default tenant namespace (mail routing)

Logged on user

Client computer

TCP 80,25 & 443

*.onmicrosoft.com

TCP 80,25 & 443

Global DNS LBS

Logged on user

Client computer

TCP 80 & 443

*.glbdns.microsoft.com

TCP 80 & 443

Azure AD (MFA)

Logged on user

Client computer

Ephemeral Ports

*.phonefactor.net

TCP 80 & 443

Certificate Revocation list

Logged on user

Client computer

TCP 80 & 443

TCP 80 & 443

Azure Rights Management

Logged on user

Client computer

Ephemeral Ports

*.aadrm.com

*.azurerms.com

*.cloudapp.net

TCP 80 & 443

DirSync

Machine^ &Service Account

DirSync Server

TCP 80 & 443

*.microsoftonline.com

*.windows.net

+Certificate Revocation List

TCP 80 & 443

Azure AD Connect

Service Account

Azure AD Connect Server

TCP 80 & 443

*.microsoftonline.com

*.windows.net

+Certificate Revocation List

TCP 80 & 443

STS ADFS Proxy Server

None

Client Computer

TCP 443 w/clientTLS

ADFS Proxy

TCP 443 w/clientTLS

ADFS Proxy

None

ADFS Proxy (WAP)

TCP 443

ADFS Proxy

TCP 443

Leave a Reply