This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 7.000000000000001%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Hi All
i have a primary site server, 1 wsus server and 4 distribution points. my primary site server and wsus server also acts as distribution points. i have 5 subnets added to the boundaries and boundary groups are defined.
For my windows servers to communicate with sccm server( i.e agent to server communication) as well as to get updates, install applications from the distribution points. By Allowing the bidirectional ports 80/443/8530/8531 in firewall to the subnets defined in boundary groups to my siteserver, wsus server, distribution points will this work for me?
Hi, @Glenn Maxwell
Thank you for posting in Microsoft Q&A forum.
80/443 is allowed for DP and MP server.
8530/8531 is allowed for SUP server.
If you just want to get updates, install applications, these ports are enough.
For other ports to use:
https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/ports
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
does it require bidirectional ports to be allowed?
Only the inbound rule in server side is required.
The docs marks the direction that each port is needed.
It seems there is no update for a couple of days. May we know the current status of the problem? Is there any other assistance we can provide?