All UDP ports at device side are required to be open because the WAN port of P2P device side is picked randomly by NAT.
TCP ports: 53, 80, 8080, 8000, 443, 21047
Device Side
If all UDP ports cannot be open, at least the device's firewall should allow the following
UDP port: Inbound: 10001, 32761 & Outbound: 53, 10001, 10240
TCP port: 53, 80, 8080, 8000, 443, 21047
Client Side
The client’s firewall should allow the following
UDP port: Inbound: 10001 & Outbound: 53, 10001, 10240, 32761
TCP port: 53, 80, 8080, 8000, 443, 21047