|
|
Which ports to enable on Firewall to allow ichat?
|
|
|
|
Senior User
Join Date: Feb 2001
Location: The Sunny Isle of Wight
Status:
Offline
|
|
Hi,
Which ports should I enable to allow iChat to work?
I currently have all blocked.
thanks
|
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Jul 2002
Location: Boston, MA
Status:
Offline
|
|
UDP 5060 for SIP
UDP 16384-16403 for the range of ports a data channel can be brought up on.
Apple KB article
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Feb 2001
Location: The Sunny Isle of Wight
Status:
Offline
|
|
thanks kampi.
I can never find anything in the knowledge database!
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Dec 2000
Location: Caught in a web of deceit.
Status:
Offline
|
|
Do you have to open up all of those 163xx ports? I have only spots for 10 ports.
Can I just open up 5060 and some from that 16384-16403 range as the triggers for all the rest of those ports? (I have everything set as UDP, not TCP, but I did come across some info about TCP with some local network ports or something.) I assume no, because I tried it and it didn't work. Below is a picture of my NAT translation page:
And it's definitely the router's firewall, since iChat works fine if I turn off the firewall.
Or would I be able to make it work with other ports open?
Failing that, what routers are known to work with this? I may just buy a new one if necessary. My local network involves a PC and a Mac. (I don't want to buy an Airport though.)
|
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Dec 2002
Location: Partying down with the Ewoks, after I nuked the Death Star!
Status:
Offline
|
|
|
"Hello, what have we here?
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Jul 2002
Location: Boston, MA
Status:
Offline
|
|
That whole range of high ports may or may not need to be open. 5190 is for AIM, 5298 for Rendevous (if you need it).
Based on what I've seen trying to troubleshoot an earlier iChat AV issue there is a negotiation of sorts regarding what high port in that range will be used for the data channel involving an Apple server. 5060 is for a control channel. I haven't used the AV functions in awhile but that is what I recall.
Also, iChat AV functions don't like a multiple NAT situation, or the one I was working on anyway. For instance, I have a friend who uses a cable router, and off that router is a wireless router hooked to a switch port on the cable router. Wireless users PAT to an address on the inside of cable router, and the cable router PATs to the public address of the cable router. Didn't work out too well.
Forgot to mention, I don't open any ports on my network firewall, my default deny policy is still in place. I do however modify my host firewall.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|