Delivery Optimization Port Configurations

FAQ Jadit 0 Reputation points
2026-07-03T02:13:41.7033333+00:00

We turned on peer-to-peer Delivery Optimization, but our local network devices are still downloading updates directly from the internet instead of sharing them locally. What specific inbound and outbound UDP/TCP ports must be whitelisted on our local endpoint software firewalls for peer discovery to succeed .

Windows for business | Windows 365 Enterprise
0 comments No comments

1 answer

Sort by: Most helpful
  1. Jason Nguyen Tran 21,615 Reputation points Independent Advisor
    2026-07-03T02:50:23.4433333+00:00

    Hi FAQ Jadit,

    For peer-to-peer sharing to work properly, the right firewall ports need to be open so devices can discover each other and exchange content locally.

    Here are the specific ports you’ll want to whitelist:

    • TCP 7680: This is the primary port used for peer-to-peer content sharing between devices on the local network.
    • UDP 3544: This port is used for Teredo NAT traversal, which allows peer discovery and connectivity across NATs. It’s required if you’re using Delivery Optimization modes that involve groups or internet peers.
    • TCP/UDP 443 (HTTPS): Needed for communication between the Delivery Optimization client and Microsoft’s cloud service to authenticate and coordinate downloads.

    Make sure these ports are allowed for both inbound and outbound traffic on your endpoint firewalls. Also confirm that your network devices can reach the Delivery Optimization service endpoints (*.do.dsp.mp.microsoft.com, *.dl.delivery.mp.microsoft.com, *.windowsupdate.com), since peer discovery still relies on coordination with Microsoft’s cloud service.

    If you find this answer helpful, kindly hit “accept answer”.

    Jason.

    Was this answer helpful?

    0 comments No comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.