Wireless Access

last person joined: 9 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

apple - macbook - airplay - appletv - firewall port findings

This thread has been viewed 0 times

  • 1.  apple - macbook - airplay - appletv - firewall port findings

    Posted Dec 14, 2012 03:16 PM

    Just in case some one else may share a similar experience.

    Controller software version 5.0.3.3 - trying to setup firewall policy to allow ipad, iphone, macbook, and appletv to share photo's, music, videos, and presentations in a customer conference room on a single SSID and single vlan.  initial policy was set to only allow http(s), dns, and dhcp.

     

    Apples documentation for typical ports, airplay ports, ect., did not work, and only assisted in getting the 'option' to share to an appletv to finally show up on devices.

    Other post mentioned ipv6 and qos struff that did not seem to apply to us.

    After working with Aruba support (Sreejith Mankiavil - was incredibly helpful), we were able to obtain a list of ports that were being used, but not listed in the apple docs...Not that I could find.

    Sreejith showed me an incredibly helpful command to identify attempted, and failed, port utilization.

     

    show datapath session table <clientIPaddress>

     

    After that, we were quickly able to find the ports needed to do what we needed.  Sreejith provided port recommendations, but I did go back and test one at a time until I got something I felt would be ok...maybe?

     

    The ports that were missing from Apple docs (that i found) were 5000 > 7000 > 7001 > 7100 > 7010 > 7011.

     

    The firewall policy we put together to get the Apple macbook, iphone, and ipad to work together using AirPlay, and AppleTV, on a local network included the addition of the following permits:

    LocalAlias   >   224.0.0.251   >   tcp  >  port - 5353  (mdns - apple BS)

    LocalAlias   >   224.0.0.251   >   udp >  port - 5353

    LocalAlias   >   LocalAlias     >    tcp  >  port - 5000  (seen with music)

    LocalAlias   >   LocalAlias     >    tcp  >  port - 7001  (seen with video)

    LocalAlias   >   LocalAlias     >    tcp  >  port - 7000  (seen with picture/file)

    LocalAlias   >   LocalAlias     >    tcp  >  port - 7100  (seen with display-mirroring)

    LocalAlias   >   LocalAlias     >    udp >  port - 7010  (seen with display-mirroring)

    LocalAlias   >   LocalAlias     >    udp >  port - 7011  (seen with display-mirroring)

    LocalAlias   >   LocalAlias     >    tcp  >  port - 3689  (don't remember needing it, but added it for iTunes music sharing)

    LocalAlias   >   LocalAlias     >    tcp  >  port - 49152-65535 (dynamic ports)  (!!!-REALLY...LOL...I know, right...but it works)

    LocalAlias   >   LocalAlias     >    udp >  port - 49152-65535 (dynamic ports)  (Still LOL...)

    any              >   any               >    tcp  >  port  - 123  (so appletv can get time)

    any              >   any               >    udp >  port  - 123  (so appletv can get time)

     

    Have no idea if this will help any one, but I just know I would love to have found this at the begining of the week.

     


    #7010


  • 2.  RE: apple - macbook - airplay - appletv - firewall port findings

    Posted Jul 29, 2013 03:52 PM

    That is the most complete list of AppleTV port that I have seen, Thanks a lot for this.