Hello team, We are deploying exchange 2010, lync 2010 IM chat and AD in our internal network and having TMG 2010 for reverse proxy on publishing the exchanage and lync to the external world. We need to understand what are the ports need to be opened in the internal firewall and external firewall for exchange 2010, lync 2010 IM chat and Active directory for accessing the clients both internal and from external. I have already read the technet articles regarding the port detail for Exchange and lync but still not much clear on it ...Could you please provide only the exact and required ports & port number needs to be opened. Since it is banking sector we are much keen on the port to opened for security purpose.... Found the below port detail for AD internal but still i want abt the exchange 2010 and lync..communication internal and external.. UDP Port 88 for Kerberos authentication UDP and TCP Port 135 for domain controllers-to-domain controller and client to domain controller operations. TCP Port 139 and UDP 138 for File Replication Service between domain controllers. UDP Port 389 for LDAP to handle normal queries from client computers to the domain controllers. TCP and UDP Port 445 for File Replication Service TCP and UDP Port 464 for Kerberos Password Change TCP Port 3268 and 3269 for Global Catalog from client to domain controller. TCP and UDP Port 53 for DNS from client to domain controller and domain controller to domain controller.Exchange Queries

I recommend that you post the Lync questions to the Lync forum. How are you deploying TMG, one, two or three NICs, and to which networks are they connected? Will the TMG be domain-joined or are you planning to use some other authentication method, like LDAP?Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

Planning to deploy the TMG in workgroup model with 2 nic card. I need the port detail to be allowed for exchange on internal and external firewall..??Exchange Queries

Which mean only Port 443 need to be opened in external firewall and no other ports need to be opened for exchange communication between external world and vice versa if you not using pop3 and imap4..Please confirmExchange Queries

That is correct. For Exchange client access from the Internet all traffic (OWA, EWS, Autodiscover, ActiveSync, Outlook Anywhere) runs over port 443.