SCCM Firewall Ports

Ports you can configure

Configuration Manager enables you to configure the ports for the following types of communication:
Application Catalog website point to Application Catalog web service point
Enrollment proxy point to enrollment point
Client-to-site systems that run IIS
Client to internet (as proxy server settings)
Software update point to internet (as proxy server settings)
Software update point to WSUS server
Site server to site database server
Reporting services points

Non-configurable ports

Configuration Manager doesn’t allow you to configure ports for the following types of communication:
Site to site
Site server to site system
Configuration Manager console to SMS Provider
Configuration Manager console to the internet
Connections to cloud services, such as Microsoft Intune and cloud distribution points

Required SCCM Firewall Ports

These firewall ports are required for SCCM to properly manage clients. You need to specify these in your network / firewall to allow the traffic pass, and they must be open on sccm servers internal firewall as well.

Firewall Ports Client Network -> Configuration Manager Roles

Firewall Ports Configuration Manager Roles -> Client Network

Optional SCCM Firewall Ports, nice to have.

These ports are optional and not required for Configuration Manager to manage clients. I still recommend to open them as they make the daily life of the SCCM administrator much easier.

Firewall Ports Client Network -> Configuration Manager Roles

Firewall Ports Configuration Manager Console -> Client Network

Microsoft Article Reference: View the MS Article link…

Exit mobile version