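Because one SharePoint Server had to be exposed to the external network, I moved its IP into the DMZ. As a result, no account other than the system administrator could authenticate, so clearly some ports were not open.
A quick search online showed that SharePoint really does need a lot of ports. Between the client and the WFE, opening 80 and 443 should be enough; the rest are used between the SharePoint servers themselves, or between them and the corporate network environment. The details are as follows: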
SharePoint 2007 Ports

| Inbound/Outbound | From | Port | Type | To |
| --- | --- | --- | --- | --- |
| Inbound | Client IPs (as applicable) | TCP 80 or 443 (SSL) | HTTP | ISA Web Pub or WFE |
| Inbound | TS Jump point | RDP (TCP 3389) for Remote Admin | | APP (Central Admin /SSP Admin) |
| Inbound | All SharePoint Server (Depends on Central Admin configuration) | Office Server Web Services, TCP 56737, SSL 56738 | HTTP | App - Central Admin /SSP Admin (Web Service Control) |
| Inbound | Index | TCP 80 or 443 | | WFE |
| Outbound | ALL SharePoint Servers (Based on Authentication) | DS (TCP 445); RPC (TCP 135); DNS (TCP/UDP 53); Kerberos (UDP 88); LDAP/S (UDP 389/636) | | DC (AD) /DNS (LDAP) |
| Outbound | External Content | DNS (TCP/UDP 53) | | DNS |
| Outbound/(Inbound if applicable) | WFE (alerts or mail enabled list) | SMTP (TCP 25) | | SMTP/Exchange |
| Outbound | ALL SharePoint Servers | SQL (TCP 1433, UDP 1434) or custom port for Named SQL Instance | SQL Server Tabular Data Stream (TDS) | SQL Server |
| Outbound | WFE (Search Request) | Search Query, either NBT (TCP/UDP 137, 138, 139) or Direct-hosted SMB (TCP/UDP 445) | Server Message Block (SMB) | Query |
| Outbound | Index (Propagation) | Search Query, either NBT (TCP/UDP 137, 138, 139) or Direct-hosted SMB (TCP/UDP 445) | | Query |
| Outbound | Index (File Shares) | Either NBT (TCP/UDP 137, 138, 139) or Direct-hosted SMB (TCP/UDP 445) | Server Message Block (SMB) | External Content |
| Outbound | Index (BDC) | SQL (TCP 1433, UDP 1434) or custom port | | External Content |
| Outbound | WFE (SSO) | RPC for SSO – (TCP 135), plus random high ports (Dynamic RPC) or restricted high ports (Static RPC) | | APP Servers |
| Outbound | WFE | TCP 80, TCP 443, TCP (custom) | HTTP | Index Server (search crawling) |
| Outbound | Index (Search Crawling) | TCP 80, TCP 443, TCP (custom) | HTTP | WDE |
| Outbound | Index (Sites) | TCP 80, TCP 443, TCP (custom) | | External Content |
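
To find which of these ports the DMZ firewall is blocking, the following script (an added example, not part of the original post) can be run on the relocated SharePoint server to test TCP reachability of the back-end services listed in the table. The host names are hypothetical placeholders, and only TCP is probed: UDP services and dynamic RPC high ports are not covered.

```powershell
# Added example: TCP reachability check from a DMZ SharePoint server to the
# back-end roles in the port table. Server names are hypothetical placeholders.
$targets = @(
    @{ Role = 'DC (AD)/DNS'; Server = 'dc01.corp.example';  Ports = 53, 88, 135, 389, 445, 636 },
    @{ Role = 'SQL Server';  Server = 'sql01.corp.example'; Ports = @(1433) },
    @{ Role = 'SMTP';        Server = 'mail.corp.example';  Ports = @(25) }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 2000)
    # TcpClient is used instead of Test-NetConnection so the check also runs
    # on older Windows Server / PowerShell 2.0 hosts.
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'Filtered/timeout'   # no answer at all: typical of a firewall drop rule
        }
        $client.EndConnect($async)      # throws if refused or the name did not resolve
        return 'Open'
    } catch {
        return 'Closed/refused'         # reachable but rejected, or name resolution failed
    } finally {
        $client.Close()
    }
}

# Probe every role/port pair and collect one result object per probe.
$results = foreach ($t in $targets) {
    foreach ($p in $t.Ports) {
        New-Object PSObject -Property @{
            Role   = $t.Role
            Target = $t.Server
            Port   = $p
            State  = Test-TcpPort -ComputerName $t.Server -Port $p
        }
    }
}
$results | Select-Object Role, Target, Port, State | Format-Table -AutoSize
```

A `Filtered/timeout` result on the DC rows points at the firewall between the DMZ and the internal network, which matches the symptom of domain accounts failing to authenticate.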

SharePoint 2010 Ports

SharePoint 2010 uses the same ports as SharePoint 2007, but there are a few changes that relate to new services.

| Inbound/Outbound | From | Port | Type | To |
| --- | --- | --- | --- | --- |
| Inbound | Service Application | 32843, 32844 (HTTPS), 32845 (net.tcp binding) | HTTP | SharePoint Web Service |
| Inbound | All SharePoint Servers, but where Forefront Identity Management agent is installed | TCP/5725; TCP/UDP 389 (LDAP service); TCP/UDP 88 (Kerberos); TCP/UDP 53 (DNS); UDP 464 (Kerberos Change Password) | - | Active Directory |
| Outbound | Web Front End Server | TCP/5725; TCP/UDP 389 (LDAP service); TCP/UDP 88 (Kerberos); TCP/UDP 53 (DNS); UDP 464 (Kerberos Change Password) | - | Microsoft SharePoint Foundation User Code Service (for sandbox solutions) |

Inter-server communications of SharePoint 2007

Extra-server communications of SharePoint 2007

References:
http://support.microsoft.com/kb/832017
http://technet.microsoft.com/zh-cn/library/cc262849.aspx
http://msmvps.com/blogs/laflour/archive/2009/11/04/sharepoint-2007-farm-ports-configuring-firewall.aspx