[Ports used] DirectAccess

On the posts related to network flux here's DirectAccess or DA.

Warning:

Using NAT is not supported in this case:

• On public address of the server / WAN network card and if the gateway are not deployed on Windows Server 2012

Port	Protocol	Remark
Forefront UAG ⇔ Mobile user (IPv4)
All	ICMPv4	~
All	ICMPv6	IPv6
41	Protocol	6to4
443	TCP	IP-HTTPS
3544	UDP	Teredo

Forefront UAG ⇔ Mobile user (IPv6)
All	ICMPv6	~
50	Protocol	ESP-protected payload
500	UDP	IKE and AuthIP traffic

Forefront UAG ⇔ LAN
41	Protocol	ISATAP
All	ICMPv4	~
All	ICMPv6	~

Forefront UAG ⇔ NAP
1645	UDP	Legacy RADIUS Authentication and Authorization
1646	UDP	Legacy RADIUS Accounting
1812	UDP	RADIUS Authentication and Authorization
1813	UDP	RADIUS Accounting

Forefront UAG ⇔ DNS
53	UDP	~

Forefront UAG ⇔ Authentication
88	TCP and UDP	Kerberos
135	TCP	RPC call
137	UDP	NetBios Session
138	UDP	NetBios Datagram
139	TCP	RPC NT 4.0
389	TCP and UDP	LDAP
445	TCP and UDP	CIFS Share
464	TCP and UDP	Kerberos Password v5 authentication
636	TCP	LDAPS
1024 ~ 5000	TCP	RPC services (Windows 2003 series)
49152 ~ 65535	TCP	RPC services (Windows 2008 series)
3268 and 3269	TCP	AD global catalog

Forefront UAG ⇔ SCCM
67 and 68	TCP and UDP	PXE - DHCP
69	UDP	PXE - TFTP
135	TCP	Manager Console - RPC listener
2701 and 2702	TCP and UDP	Manager Console - Remote control
4011	UDP	PXE - BINL
8530	TCP	Software Update Point
8531	TCP	Software Update Point (SSL)
63 000 ~ 64 000	TCP	Distribution Point - Multicast

Forefront UAG ⇔ Miscellaneous
9	UDP	Wake on LAN
80	TCP	~
443	TCP	~
445	TCP	File sharing
3389	TCP	Remote desktop

[Update]: thanks to Benoît SAUTIERE who notice me about the missing ports for Windows 2008 domain controller.