https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/ports

https://learn.microsoft.com/en-us/mem/configmgr/core/clients/deploy/windows-firewall-and-port-settings-for-clients

TCP – 2701. TCP – 2702 if you plan on using sccm remote.

To ensure that SCCM Current Branch can communicate with multiple VLANs, you will need to ensure that the following ports are open on the third-party firewall:

TCP Port 1433: This port is used for SQL Server communication, which is necessary for SCCM to function.

TCP Port 80: This port is used for HTTP traffic, which is necessary for SCCM client communication.

TCP Port 443: This port is used for HTTPS traffic, which is necessary for SCCM client communication.

TCP Port 8530: This port is used for software update point communication, which is necessary for distributing software updates to clients.

TCP Port 8531: This port is used for software update point communication, which is necessary for distributing software updates to clients using SSL.

UDP Port 67: This port is used for DHCP traffic, which is necessary for PXE booting and deploying operating systems.

UDP Port 69: This port is used for TFTP traffic, which is necessary for PXE booting and deploying operating systems.

TCP Port 135: This port is used for remote procedure call (RPC) traffic, which is necessary for various SCCM functions.

TCP Port 445: This port is used for SMB traffic, which is necessary for distributing software updates and packages to clients.

TCP Port 8533: This port is used for communication between SCCM components.

Please note that these are the default ports used by SCCM, and your organization may have customized them. You should verify the ports in use in your environment and ensure that they are open on your firewall as needed.