
Can't telnet from server to Apple, Android & Google URLs

a.khan001
Level 1

Hi Everyone,

I have a firewall 5515 with version 9.1(2) and ASDM 7.1(3).

I have been given the task of allowing communication from one of our development team's servers behind the firewall to the URLs listed below:

1. android.googleapis.com
2. api.development.push.apple.com
3. api.push.apple.com

The first time, to access these URLs, I made the access-list with the server as source and these URLs as destination, with ports http & https.

But the last URL (api.push.apple.com) was not accessible via telnet, like:

telnet api.push.apple.com 443

Then we searched on Google to see if additional configuration is required, such as any other ports needed to access this Apple URL, and we found the information below.

Push providers, iOS devices, and Mac computers are often behind firewalls. To send notifications, you will need to allow inbound and outbound TCP packets over port 2195. To reach the feedback service, you will need to allow inbound and outbound TCP packets over port 2196. Devices and computers connecting to the push service over Wi-Fi will need to allow inbound and outbound TCP packets over port 5223.

The IP address range for the push service is subject to change; the expectation is that providers will connect by hostname rather than IP address. The push service uses a load balancing scheme that yields a different IP address for the same hostname. However, the entire 17.0.0.0/8 address block is assigned to Apple, so you can specify that range in your firewall rules.

The developer asked to add this URL (gateway.push.apple.com) to the ACL as well. (I also added this URL to the ACL.)

Now I have configured an ACL for outbound (source is the server and destination all three URLs) with ports http, https, 2196, 2195 & 5223.

For inbound on the outside interface, with source (any) and destination (server), with port numbers http, https, 2196, 2195 & 5223.

But we are not able to telnet to (android.googleapis.com) and (gateway.push.apple.com) on any of the above ports: 443, http, https, 2196, 2195 & 5223.

One more thing: please also clarify whether we can telnet to all the URLs on the given ports 2196, 2195 & 5223, or whether we can only telnet to a URL on port 443?

Awaiting your valuable feedback.

You can also mail me at khan.adeeb26@gmail.com
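
A bare telnet attempt reports only success or failure, so the script below, an added example that is not part of the original post, separates the cases that look identical from the telnet prompt: name resolution failure, silent drop, active refusal and a completed handshake. The host list, port list and 17.0.0.0/8 block are copied from the post; the helper names `probe` and `in_apple_block` and the 5-second timeout are assumptions of this example.

```python
import errno
import ipaddress
import socket

# Hostnames, ports and the Apple address block are copied from the post.
HOSTS = ["android.googleapis.com", "api.development.push.apple.com",
         "api.push.apple.com", "gateway.push.apple.com"]
PORTS = [80, 443, 2195, 2196, 5223]
APPLE_BLOCK = ipaddress.ip_network("17.0.0.0/8")


def probe(host, port, timeout=5.0):
    """Hypothetical helper: classify one TCP connection attempt.

    Returns (status, ipv4_address_or_None).
    """
    try:
        infos = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return ("dns-failure", None)   # name did not resolve; no SYN was sent
    addr = infos[0][4][0]
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((addr, port))
        return ("open", addr)          # three-way handshake completed
    except socket.timeout:
        return ("timeout", addr)       # no answer: SYN or reply silently dropped
    except ConnectionRefusedError:
        return ("refused", addr)       # RST from the host or a device in the path
    except OSError as exc:
        return ("error:" + errno.errorcode.get(exc.errno, "unknown"), addr)
    finally:
        sock.close()


def in_apple_block(addr):
    """True when addr falls inside the 17.0.0.0/8 range quoted in the post."""
    return addr is not None and ipaddress.ip_address(addr) in APPLE_BLOCK


if __name__ == "__main__":
    for host in HOSTS:
        for port in PORTS:
            status, addr = probe(host, port)
            tag = " [17.0.0.0/8]" if in_apple_block(addr) else ""
            print(f"{host}:{port} {status} {addr or '-'}{tag}")
```

`dns-failure` means the server never sent a packet, so the ACL was not exercised at all; `timeout` means no reply arrived, which an ACL drop anywhere on the path and an unanswered port both produce.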
