We have problem to control the Messenger Live, thats must be only permitted to a specific group from Active directory. Authentication for internet is working with passport, but for Messenger needs the TCP 1863 port to be open by user, the question is: is possible to authenticate users to permit that kind of traffic?
You should be able to authenticate almost any type of traffic through the firewall. If you're not using MLC then your users will have to enter a username/password to authenticate this traffic (since you cannot non-transparently authenticate this traffic [non-transparent to the user]).
We don't have the resources to troubleshoot things via the Community forum (nor is it even a good place TO troubleshoot, i.e. collect logs, etc.), so if this is an issue you need resolved quickly I would file a ticket with Support.