The larger and more complex your on-prem SfB installation is, the greater the likelihood of encountering firewall problems.

If you run this script on your Front-End server(s) it will:

  • query the topology to find all of the Edge servers. (Add the “-site” switch to only retrieve those in a given topology site)
  • initiate a TCP probe to all of them on all the ports that should be open: 443, 4443, 5061, 5062, 8057 & the CLS Logging ports 50001/2/3
  • executes a TURN test to UDP 3478. (Thank you Frank Carius @msxfaq for this code)
  • output the results to screen
  • output the results to the pipeline as an object
  • save the results in the log file in csv format




You’ll find a code-signed version of the script on GitHub. You’re welcome to pinch, adapt or improve upon the code with my blessing. If you encounter any problems with it please create an issue on the repo.

Revision History

6th June 2020. Updated the Download link to point to GitHub.

v1.2 7th August 2019.

  • Added ‘TCP’ and ‘UDP’ headers to the output object
  • Added previously excluded CLS ports 50002 & 50003
  • Added new ‘-ports’ switch to let you specify one or more ports, overriding the defaults
    (All port numbers except 3478 will be treated as TCP)
  • Moved “$udpClient.Send” line inside the Try so invalid FQDNs don’t spray red on screen

v1.1 7th April 2019.

  • Added Frank Carius’ UDP3478 test. Thank you Frank!
  • Added ‘-TargetFqdn’ switch to force a test to a single machine – or a list. (Thanks Naimesh!)
  • Added write-progress to the port tests so you can see when it’s stuck on a bad port

v1.0 10th December 2018. This is the initial release.


– G.

Leave a Reply

Your email address will not be published. Required fields are marked *

... and please just confirm for me that you're not a bot first: Time limit is exhausted. Please reload the CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.