It is not possible to use the core as the main dhcp because we have our IP phone and modem integrated with the router (which also host our vpn). I have tried to contact our internet/phone provider to set the modem in bridge mode, but it is not possible and for the phone system to work it has to be directly conected to the internet.
My question is simple, and i think the answer is simple to: Which port do i need to open to open for samba access from the external network?
Your comment on dhcp indicates that you do not understand how dhcp is supposed to work (generally or in LMCE). There are 2 network segments, LMCE must provide DHCP for the internal segment... please read and understand this http://wiki.linuxmce.org/index.php/Network_Setup
.... nothing in your setup is either unusual nor prevents LMCE from being the DHCP server.
Also, you do not need your broadband device to be a bridge to setup VoIP, it is very common to do so in router mode, and can be done using either the DMZ function of your router or using specific port forwarding and a few config options. It is certainly easier to setup using a bridge, but not required, and leaving your VoIP the way it is means that it will not integrate with LMCE so you loose all that functionality.
Yes, 139 or 445 (which is the more modern equivalent, but either will do) - however, again, doing it this way you will have name resolution issues and have to map drives permanently using IP addresses, leaving you open to failures due to the possiblity of IP changes.
Summary - the approach you are taking means:
1) You will loose the most important Plug n Play system LMCE and in most cases need to add devices manually with the consequent chance of misconfiguration
2) You will loose the ability to have Media Directors as they will be unable to boot, thus limited to a single, hybrid system
3) You will loose VoIP integration with LMCE, thus not be able to distribute telephony around the house, integrated voice mail, IVR, call routing, intelligent handling of calls through house and user modes, onscreen integration, integration with the security system, etc.
4) You will manually have to poke unnecessary holes in the firewall
5) Potentially suffer chronic disconnections between internal and external devices
6) Have to manage 2 groups of devices (internal/external), and coordinate them accessing each other with no name resolution, rather than all being able to access each other without intervention and with name resolution.
Probably other stuff I forgot. But all of this could be avoided completely, as long as you realise that your 2 fears above are completely unfounded and easy to allow within the standard LMCE configuration.