Azure AD connect firewall ports

This Azure article will discuss all about the Azure AD connect firewall ports.

Azure AD connect firewall ports

Below is the information which describes the ports that are needed for communication between the Azure AD Connect and on-premise Azure AD and Azure AD

For communication between Azure AD Connect and on-premise Azure AD

53 (TCP/UDP)Needed for DNS lookups on the destination forest.
88 (TCP/UDP)Needed for Kerberos authentication to the AD forest.
135 (TCP)It is used for the initial configuration of the Azure AD Connect wizard when it binds to the Active Directory forest, needed for sync of the Password.
389 (TCP/UDP)It is required for importing the data from AD.
445 (TCP)Used to create the computer account in the AD forest.
636 (TCP/UDP)You can use this port to import data from the Active Directory.
5985 (TCP) and 9389 (TCP)We can use this port if we are installing AD FS with gMSA by the help of Azure AD Connect Wizard

For communication between Azure AD Connect and Azure AD

80 (TCP)You can use this port to download Certificate Revocation Lists.
443(TCP)We can use it to synchronize with Azure Active Directory.

For more information, you can visit Microsoft’s official site

You may also like following the articles below


In this article, we discussed the AD connect firewall ports. Thanks for reading this article !!!