Office 365 Ports
Below are the ports required for Office 365
|
Purpose |
Credentials Used |
Source |
Source Port |
Destination |
Destination Port |
|
Office 365 Portal and help content |
Logged on user |
Client computer |
Ephemeral Ports |
Portal.office.com *.office365.com *.office.com *.office.net |
TCP 80 & 443 |
|
Authentication and support services |
Logged on user |
Client computer |
Ephemeral Ports |
*.microsoftonline.com *.microsoft.com *.live.com *.windows/net |
TCP 80 & 443 |
|
CDNs used for portal authentication |
Logged on user |
Client computer |
Ephemeral Ports |
*.microsoftonline-p.com *.microsoftonline-p.net *.microsoftolineimages.com *.msecnd.net |
TCP 80 & 443 |
|
CDNs used for portal authentication |
Logged on user |
Client computer |
Ephemeral Ports |
*.msocdn.com |
TCP 80 & 443 |
|
Default tenant namespace (mail routing) |
Logged on user |
Client computer |
TCP 80,25 & 443 |
*.onmicrosoft.com |
TCP 80,25 & 443 |
|
Global DNS LBS |
Logged on user |
Client computer |
TCP 80 & 443 |
*.glbdns.microsoft.com |
TCP 80 & 443 |
|
Azure AD (MFA) |
Logged on user |
Client computer |
Ephemeral Ports |
*.phonefactor.net |
TCP 80 & 443 |
|
Certificate Revocation list |
Logged on user |
Client computer |
TCP 80 & 443 |
|
TCP 80 & 443 |
|
Azure Rights Management |
Logged on user |
Client computer |
Ephemeral Ports |
*.aadrm.com *.azurerms.com *.cloudapp.net |
TCP 80 & 443 |
|
DirSync |
Machine^ &Service Account |
DirSync Server |
TCP 80 & 443 |
*.microsoftonline.com *.windows.net +Certificate Revocation List |
TCP 80 & 443 |
|
Azure AD Connect |
Service Account |
Azure AD Connect Server |
TCP 80 & 443 |
*.microsoftonline.com *.windows.net +Certificate Revocation List |
TCP 80 & 443 |
|
STS ADFS Proxy Server |
None |
Client Computer |
TCP 443 w/clientTLS |
ADFS Proxy |
TCP 443 w/clientTLS |
|
ADFS Proxy |
None |
ADFS Proxy (WAP) |
TCP 443 |
ADFS Proxy |
TCP 443 |
Scott Croucher 