Hi @Hun boy
Thank you for your post.
We do not have any port restrictions enforced; we would recommend device registration, and require access on the HTTPS port for the following URLs:
https://login.microsoftonline.com
https://enterpriseregistration.windows.net
And you need to exclude device.login.microsoftonline.com if they are using device-based CX policy. Also, you need to consider excusing MDM URLs like the following for Intune:
https://portal.manage.microsoft.com
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports
https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-hybrid-azure-ad-join#network-connectivity-requirements
Additionally, here is the document on the worldwide endpoints for your reference, just FYI:
https://learn.microsoft.com/en-gb/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide#microsoft-365-common-and-office-online
Hope this helps.
Please "Accept the answer" if the information helped you, so that others in the community facing similar issues can easily find the solution.