The larger and more complex your on-prem SfB installation is, the greater the likelihood of encountering firewall problems.

If you run this script on your Front-End server(s) it will:

  • query the topology to find all of the Edge servers. (Add the “-site” switch to only retrieve those in a given topology site)
  • initiate a TCP probe to all of them on all the ports that should be open: 443, 4443, 5061, 5062, 8057 & the CLS Logging ports 50001/2/3
  • executes a TURN test to UDP 3478. (Thank you Frank Carius @msxfaq for this code)
  • output the results to screen
  • output the results to the pipeline as an object
  • save the results in the log file in csv format




Download the script from the Technet Gallery site.

Revision History

v1.2 7th August 2019.

  • Added ‘TCP’ and ‘UDP’ headers to the output object
  • Added previously excluded CLS ports 50002 & 50003
  • Added new ‘-ports’ switch to let you specify one or more ports, overriding the defaults
    (All port numbers except 3478 will be treated as TCP)
  • Moved “$udpClient.Send” line inside the Try so invalid FQDNs don’t spray red on screen

v1.1 7th April 2019.

  • Added Frank Carius’ UDP3478 test. Thank you Frank!
  • Added ‘-TargetFqdn’ switch to force a test to a single machine – or a list. (Thanks Naimesh!)
  • Added write-progress to the port tests so you can see when it’s stuck on a bad port

v1.0 10th December 2018. This is the initial release.


– G.

Leave a Reply

Your email address will not be published. Required fields are marked *

... and please just confirm for me that you're not a bot first: Time limit is exhausted. Please reload the CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.