This is a list of ports and protocols used by the Teamline system. You will need this if your network has Network Access Control (NAC) enabled, which analyzes traffic from the unit for security purposes.
Room system connectivity
All source ports are ephemeral (1024-65535) unless otherwise specified.
Outbound
| Port | Host | Protocol | Notes |
|---|---|---|---|
| 53 | DNS server as defined in the network configuration | TCP/UDP (DNS) | Used to resolve domain names or find services (for example, in autodiscovery on older configurations using SRV or A records) |
| 67 |
Broadcast DHCP server |
UDP (DHCP) | Requests to DHCP server |
| 443 |
*.maestro.starleaf.com Local Maestro server * denotes either config or fw. If you are using a proxy, the whitelist should be *.maestro.starleaf.com and maestro.starleaf.com if the first rule doesn’t cover this |
TCP (HTTPS) |
Management server connection (either hosted or on-premise) |
| 5355 | Windows devices | TCP/UDP (LLMNR) | Used to resolve names on the local network |
Inbound
| Port | Host | Protocol | Notes |
|---|---|---|---|
| 68 | DHCP server | UDP (DHCP) | Responses from DHCP server |
| 80 | Any | TCP (HTTP) | Endpoint control API |
| 443 | Any | TCP (HTTPS) | Web UI |
On-premise Skype for Business 2015 or Lync 2013
All source ports are ephemeral (1024-65535) unless otherwise specified.
Outbound
| Port | Host | Protocol | Notes |
|---|---|---|---|
| 80 |
lyncdiscover.domain lyncdiscoverinternal.domain autodiscover.domain |
TCP (HTTP) | Used in Lync and EWS autodiscovery |
| 88 | AD server | TCP/UDP | Kerberos authentication |
| 443 |
Local webticket ADFS wsfed servers |
TCP (HTTPS) | Various authentication modes for external servers (also EWS server) |
| 3478 | Edge server | UDP (STUN/MSTURN) | Used for external user access to AV sessions and media (UDP) |
| 5061 | Front End server | TCP (MTLS) | Used for client-to-server SIP traffic for external user access |
| 1024-65535 |
Front end server Other client |
UDP | Audio, and video (minimum of 40 ports required) |
| 1024-65535 |
Front end server Other client |
TCP | Audio, video, and application sharing |
| 1024-65535 |
Front end server Other client |
TCP (PSOM) | Peer-to-peer file transfer for conferencing file transfer. Clients use PSOM |
Teamline systems on external networks
If the Teamline system is not located on the same local network as the Skype for Business deployment (that is, if it connects using the Edge server), the following ports and protocols also apply.
All source ports are ephemeral (1024-65535) unless otherwise specified.
| Port | Host | Protocol | Notes |
|---|---|---|---|
| 443 | Edge server | TCP (TLS) | Used for client-to-server SIP traffic for external user access |
| 443 | Edge server | TCP (PSOM/TLS) | Used for external user access to web conferencing sessions |
| 443 | Edge server | TCP (STUN/MSTURN) | Used for external user access to A/V sessions and media (TCP) |
| 3478 | Edge server | TCP (STUN/MSTURN) | Used for external user access to A/V sessions and media (UDP) |
| 1024-65535 | Other client | UDP | Audio, and video |
| 1024-65535 | Other client | TCP | Audio, video, and application sharing |
| 50,000-59,999 | Edge server | UDP | Audio, and video |
| 50,000-59,999 | Edge server | TCP | Audio, video, and application sharing |
Skype for Business Online
The full range of Skype for Business Online IP addresses is available at: https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US&fromAR=1#BKMK_LYO
All source ports are ephemeral (1024-65535) unless otherwise specified.
Outbound
| Port | Host | Protocol | Notes |
|---|---|---|---|
| 443 | Skype for Business Online servers | TCP (HTTPS) | Webticket, wsfed authentication |
| 443 | Skype for Business Online servers | TCP (TLS) | SIP signaling |
| 443 | Skype for Business Online servers | TCP (PSOM/TLS) | PSOM connections web conferencing |
| 443 | Skype for Business Online servers | TCP | Audio, video, and application sharing (source port depends on configuration) |
| 3478-3481 | Skype for Business Online servers | UDP | Audio, video, and application sharing (source port depends on configuration) |
| 50,000-59,999 |
Skype for Business Online servers Other client |
TCP/UDP | Audio (source port 50,000-50,019) |
| 50,000-59,999 |
Skype for Business Online servers Other client |
TCP/UDP | Video (source port 50,020-50,039) |
| 50,000-59,999 |
Skype for Business Online servers Other client |
TCP | Application sharing (source port 50,040-50,059) |
Inbound
| Port | Host | Protocol | Notes |
|---|---|---|---|
| 50,000-50,019 |
Skype for Business Online servers Other client |
TCP/UDP | Audio (source port 50,000-59,999) |
| 50,020-50,039 |
Skype for Business Online servers Other client |
TCP/UDP | Audio (source port 50,000-59,999) |
| 50,040-50,059 |
Skype for Business Online servers Other client |
TCP | Application sharing (source port 50,000-59,999) |
Internal for Teamline 5141
All connections from the touchscreen controller to the Teamline 5141 system use IPv6 and always originate from ephemeral ports.
| Port | Protocol | Notes |
|---|---|---|
| 69, 443, 5000, 5152, 23456 | TCP (various application layer protocols) | StarLeaf internal endpoint control |