This question has to do with Forefront TMG UAG (on Windows Server 2008 R2) and RSA SecurID. We set up a firewall to allow RSA access from the UAG over udp/5500 and restricted the source port to 49152-65535. This did not work as expected, so we relaxed the source port to 5000-65535 and it worked.
I checked the dynamic port ranges for udp (and tcp), and they were as follows (we did not change these, so I assume TMG / UAG opens a wider range).
Is the end 55535 an error? Should it be 65535 instead?
netsh int ipv4 show dynamicport udp
Protocol udp Dynamic Port Range
---------------------------------
Start Port : 10000
Number of Ports : 55535
Thanks.
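
Added example, not part of the original post: in this netsh listing "Number of Ports" is a count rather than an end port, so the last dynamic port is Start Port + Number of Ports - 1. The sketch below parses the listing quoted above and reports which dynamic source ports a firewall rule's source-port range would not cover; the function names are hypothetical and the labels are assumed to be the English ones shown in the post.

```python
import re

# Constructed sample: the netsh output quoted in the post above.
NETSH_OUTPUT = """\
Protocol udp Dynamic Port Range
---------------------------------
Start Port : 10000
Number of Ports : 55535
"""


def parse_dynamic_range(text):
    """Return (first_port, last_port) from 'netsh int ipv4 show dynamicport' output."""
    start = re.search(r"Start Port\s*:\s*(\d+)", text)
    count = re.search(r"Number of Ports\s*:\s*(\d+)", text)
    if not start or not count:
        raise ValueError("not a dynamicport listing")
    first, n = int(start.group(1)), int(count.group(1))
    last = first + n - 1  # the count includes the start port itself
    if n < 1 or first < 1 or last > 65535:
        raise ValueError("range %d+%d is not a valid port range" % (first, n))
    return first, last


def uncovered_ports(dynamic, allowed):
    """Return the sub-ranges of `dynamic` that fall outside the firewall's
    `allowed` source-port range; an empty list means full coverage."""
    d_lo, d_hi = dynamic
    a_lo, a_hi = allowed
    gaps = []
    if d_lo < a_lo:  # dynamic ports below the rule's lower bound
        gaps.append((d_lo, min(d_hi, a_lo - 1)))
    if d_hi > a_hi:  # dynamic ports above the rule's upper bound
        gaps.append((max(d_lo, a_hi + 1), d_hi))
    return gaps


if __name__ == "__main__":
    dyn = parse_dynamic_range(NETSH_OUTPUT)
    print("dynamic udp source ports: %d-%d" % dyn)
    # The two source-port restrictions described in the post.
    for rule in [(49152, 65535), (5000, 65535)]:
        gaps = uncovered_ports(dyn, rule)
        dropped = sum(hi - lo + 1 for lo, hi in gaps)
        print("rule %d-%d: uncovered %s (%d ports)" % (rule[0], rule[1], gaps, dropped))
```
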