SharePoint 2007 and 2010 的服务器场的端口

由于要把一台SharePoint Server放到外网去,就把IP改到DMZ区了,结果除了系统管理员,其他帐号都无法验证通过,肯定是一些端口没开.

网上一查,SharePoint所需要的端口还真多,不过Client和WFE之间的应该开放80和443就OK了,其余的都是SharePoint Server之间,或者和

公司网络环境的. 具体如下:

SharePoint 2007 Ports

Inbound/Outbound	From	Port	Type	To
Inbound	Client IPs (as applicable)	TCP 80 or 443 (SSL)	HTTP	ISA Web Pub or WFE
Inbound	TS Jump point	RDP (TCP 3389) For Remote Admin		APP (Central Admin /SSP Admin)
Inbound	All SharePoint Server (Depends on Central Admin configuration)	Office Server Web Services, TCP 56737, SSL 56738	HTTP	App - Central Admin /SSP Admin (Web Service Control)
Inbound	Index	TCP 80 or 443		WFE
Outbound	ALL SharePoint Servers (Based on Authentication)	DS (TCP 445) RPC (TCP 135) DNS (TCP/UDP 53) Kerberos (UDP 88) LDAP/S (UDP 389/636)		DC (AD) /DNS (LDAP)
Outbound	External Content	DNS (TCP/UDP 53)		DNS
Outbound/(Inbound if applicable)	WFE (alerts or mail enabled list)	SMTP (TCP 25)		SMTP/Exchange
Outbound	ALL SharePoint Servers	SQL (TCP 1433, UDP 1434) or custom port for Named SQL Instance	SQL Server Tabular Data Stream (TDS)	SQL Server
Outbound	WFE (Search Request)	Search Query, either NBT (TCP/UDP 137, 138,139) or Direct-hosted SMB (TCP/UDP 445)	Server Message Block (SMB)	Query
Outbound	Index (Propagation)	Search Query, either NBT (TCP/UDP 137, 138,139) or Direct-hosted SMB (TCP/UDP 445)		Query
Outbound	Index (File Shares)	Either NBT (TCP/UDP 137, 138,139) or Direct-hosted SMB (TCP/UDP 445)	Server Message Block (SMB)	External Content
Outbound	Index (BDC)	SQL (TCP 1433, UDP 1434) or custom port		External Content
Outbound	WFE (SSO)	RPC for SSO – (TCP 135), plus random high ports (Dynamic RPC) or restricted high ports (Static RPC)		APP Servers
Outbound	WFE	TPC 80, TCP 443, TCP (custom)	HTTP	Index Server (search crawling)
Outbound	Index (Search Crawling)	TPC 80, TCP 443, TCP (custom)	HTTP	WDE
Outbound	Index (Sites)	TPC 80, TCP 443, TCP (custom)		External Content

SharePoint 2010 Ports

SharePoint 2010 uses the same ports as SharePoint 2010, but there are a few changes that relate to new services

Inbound/Outbound	From	Port	Type	To
Inbound	Service Application	32843, 32844 (HTTPS), 32845 (net.tcp binding)	HTTP	SharePoint Web Service
Inbound	All SharePoint Servers, but where Forefront Identity Management agent is installed	TCP/5725 TCP/UDP 389 (LDAP service) TCP/UDP 88 (Kerberos) TCP/UDP 53 (DNS) UDP 464 (Kerberos Change Password)	-	Active Directory
Outbound	Web Front End Server	TCP/5725 TCP/UDP 389 (LDAP service) TCP/UDP 88 (Kerberos) TCP/UDP 53 (DNS) UDP 464 (Kerberos Change Password)	-	Microsoft SharePoint Foundation User Code Service (for sandbox solutions

Inter-server communications of SharePoint 2007

Extra -server communications of SharePoint 2007

 

参考资料：

http://support.microsoft.com/kb/832017

http://technet.microsoft.com/zh-cn/library/cc262849.aspx

http://msmvps.com/blogs/laflour/archive/2009/11/04/sharepoint-2007-farm-ports-configuring-firewall.aspx