How to : Set up iChat Ports

 http://docs.info.apple.com/article.html?artnum=93208

 


 

Ports to open for Mac OS X firewall

When using the built-in Mac OS X firewall, you only need to open these ports: 5060, 5190, 5297, 5298, 5678, 16384 through 16403

 

Tip: If you don't want to bother, a simple workaround is to temporarily turn off the firewall on each computer.

 

To chat with the Mac OS X Firewall active, follow these steps to add the necessary ports:

 

1. From the Apple menu, choose System Preferences.

2. From the View, choose Sharing.

3. Click the Firewall tab.

4. Click New.

5. From the Port Name pop-up menu, choose Other.

6. In the Port Number, Range or Series field, type in:

 

5060, 5190, 5297, 5298, 5678, 16384-16403

 

7. In the Description field type in: iChat AV

8. Click OK.

 

Ports to open for third-party firewalls

A "simple" firewall only allows you to open or close ports, without any additional criteria. If you have one of these, then you should open these ports:

 

5060, 5190, 5220, 5222, 5298, 5353, 5678, and 16384 through 16403.

 

If that does not work, try opening all ports from 1024 to 65535.

 

More complex routers and firewalls may allow you to specify criteria such as TCP/UDP, incoming/outgoing packets, or source/destination ports. In that case you can use the following tables. Configuration A is less secure than Configuration B, but it works with a wider range of router configurations.

 

Configuration AOutgoing Packets

Internal Source Port External Destination Port

5060, 5190, 5220, 5222, 5297, 5298, 5353, 5678, 16384-16403 1024-65535

Incoming Packets

External Source Port Internal Destination Port

1024-65535 5060, 5190, 5220, 5222, 5297, 5298, 5353, 5678, 16384-16403

 

Configuration B Outgoing Packets

Internal Source Port External Destination Port

5060, 5190, 5220, 5222, 5297, 5298, 5353, 16384-16403 5060, 5190, 5297, 5298, 5353, 5678 16384-16403

Incoming Packets

External Source Port Internal Destination Port

5060, 5190, 5220, 5222, 5297, 5298, 5353, 5678 16384-16403 5060, 5190, 5297, 5298, 5353, 16384-16403

 

Notes:

1. All iChat AV traffic is UDP except for ports 5190 and 5298, which need to be open for both TCP and UDP; and 5220 and 5222, which need to be open for TCP only.

 

2. Ports 5297, 5298, and 5353 are used only for local traffic. Opening these ports may be necessary for firewall software that runs on a computer, rather than on a router. These ports do not need to be open at your uplink to the Internet.