The client configured the firewall and wont even tell me how they did it so I can't be 100% that's why I was hoping to find some very specific white papers on requirements and protocol but if it helps any, when I specify the address and tell the client to use SSL I can see the repository but can't connect to it.  Really I was just hoping to be able to provide them enough info that they can configure their firewall however they want to work with what LFS needs to run,

If the data is going to be routed to port 80 on the server you don't want to use SSL.  Seeing the repository isn't evidence of anything, since you had to attach it, right?  The usual SCP broadcast won't work through a firewall.

Just forward port 80 to port 80, 443 to 443.  If port 80 is already in use pick something else; 81 and 8080 are popular choices.  Mapping 443 to 80 seems like you're inviting confusion about the protocol to use.  The traffic that arrives on port 80 at the server must be HTTP, traffic that arrives on 443 must be HTTPS.

Can we safely tell a client that specifying a rule that opens port 80, 5050 and 5051 (for XP) in firewalls  unidirectionaly to the LF Server is fine for situations where there is a firewall between a LF Client and Quick FIelds?

To correct my last comment I meant when there is a firewall between a QF or a LF client station and the LF server. Also, for Windows XP I think we need port 5050.