Enabling Apple ports

Ensure that traffic can pass through certain ports in your Firewall so that push notifications work properly on the Firefly for Students and Firefly for Teachers apps.

To use the Apple Push Notification service (APNs), your Mac and iOS clients need a direct and persistent connection to Apple's servers.

iOS devices try to connect to APNs using cellular data first. If the device can't connect to Apple's servers over the cellular connection, it then tries to connect using Wi-Fi.

If you use Wi-Fi behind a firewall or a private Access Point Name (APN) for cellular data, you'll need a direct, unproxied connection to the APNs servers on these ports:

  • TCP port 5223: for communicating with Apple Push Notification services (APNs)
  • TCP port 2195: for sending notifications to APNs
  • TCP port 2196: for the APNs feedback service
  • TCP port 443: for a fallback on Wi-Fi only, when devices can't reach APNs on port 5223

The APNs servers use load balancing, so your devices won't always connect to the same public IP address for notifications. It's best to allow access to these ports on the entire address block, which is assigned to Apple.

Learn more about the ports Apple services use. The Apple Developer website has more information about the Apple Push Notification service.