Configuring the Windows Firewall for SharePoint Farm Traffic

This is Step 6 in my SharePoint 2013 Setup Guide

On each SharePoint 2013 Server, you will need to set a firewall rule to allow SharePoint intra-farm traffic and HTTP/HTTPS traffic. Alternatively, you can disable the Windows Firewall if you choose and if you have another firewall solution.

You can set the Windows Firewall rules by navigating to the Control Panel, then click System and Security, then click Windows Firewall, and finally click Advanced settings. In the Inbound Rules area, ensure that the server allows connections on port 80 (HTTP) and port 443 (HTTPS). Add the ports listed in the table below for the SharePoint 2013 inter-farm communication by following these steps:

  1. In the Windows Firewall with Advanced Security window, click Inbound Rules.
  2. In the Actions panel, click New rule…
  3. In the New Inbound Rule Wizard window, select Ports as the Rule Type and click Next.
  4. Select the appropriate choice between TCP and UDP, and enter the desired port(s) for the Specific local ports. Click Next.

    Windows Firewall rule specifying the protocol and ports
    Windows Firewall rule specifying the protocol and ports
  5. Click Next. On the Profile screen, click Next.
  6. On the Name screen, enter the desired name and click Finish.

    Windows Firewall rule specifying the rule's name
    Windows Firewall rule specifying the rule’s name

Complete the above steps for each of the following rules.

Rule Name TCP or UDP Ports
SharePoint Web Traffic TCP 80,443
SharePoint Search Index TCP 16500-16519
SharePoint Farm Communication TCP 32843,32844,32845
SharePoint Profile Synchronizing (TCP) TCP 5725,389,88,53
SharePoint Profile Synchronizing (UDP) UDP 389,88,53,464
SharePoint User Code Service TCP 32846
SharePoint SMTP Service TCP 25

Next, you are ready for the Office Web Apps 2013 server installation and configuration.