If you are writing an iOS application that needs to communicate with the Apple APN (Apple Push Notification) servers, or if you are an end user behind a strict firewall, the information below can be used to correctly configure the firewall rules to allow access.
Apple own the 17.0.0.0/8 address block, so you should be safe to allow access to just that destination network.
Server side:
This applies if you are writing an app that needs to send push notifications to Apple’s push notification servers.

| Port | Protocol | Description |
|------|----------|-------------|
| 2195 | TCP | Push notification services |
| 2196 | TCP | Push notification feedback services |
Client side:
The following ports will need to be allowed on your firewall to allow you to receive push notifications from Apple.

| Port | Protocol | Description |
|------|----------|-------------|
| 5223 | TCP | Push notification data |
| 443 | TCP | Fallback push notification data when port 5223 is blocked |

According to the Apple documentation, iOS devices will try to use the cellular network first, and will only use Wi-Fi as a fallback.
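
The following added example (not from the original post or from Apple) audits outbound flows against the ports and the 17.0.0.0/8 block listed above, and separates flows that match an APNs port but leave Apple's network, which a port-only rule would let through. The `proto dst_ip dst_port` log format, the function names and the sample flows are assumptions made for illustration.

```python
import ipaddress

# Values taken from the page: Apple's address block and the APNs ports per role.
APPLE_NET = ipaddress.ip_network("17.0.0.0/8")
APNS_PORTS = {
    "server": {2195, 2196},  # provider -> push and feedback services
    "client": {5223, 443},   # device -> push data, 443 as fallback
}

def classify(role, dst_ip, dst_port, proto="tcp"):
    """Return 'allow', 'off-network' or 'deny' for one outbound flow."""
    on_port = proto.lower() == "tcp" and dst_port in APNS_PORTS[role]
    in_apple = ipaddress.ip_address(dst_ip) in APPLE_NET
    if on_port and in_apple:
        return "allow"
    if on_port:
        # Right port, wrong destination: a port-only rule would let this out.
        return "off-network"
    return "deny"

def audit(role, log_lines):
    """Parse 'proto dst_ip dst_port' lines (hypothetical format) into verdicts."""
    results = {"allow": [], "off-network": [], "deny": [], "malformed": []}
    for line in log_lines:
        fields = line.split()
        if not fields:
            continue
        try:
            proto, ip, port = fields
            verdict = classify(role, ip, int(port), proto)
        except ValueError:  # wrong field count, bad IP or non-numeric port
            results["malformed"].append(line)
            continue
        results[verdict].append(line)
    return results

# Constructed sample flows (not real capture data).
SAMPLE = [
    "tcp 17.10.20.30 2195",
    "tcp 17.10.20.31 2196",
    "tcp 203.0.113.7 2195",
    "udp 17.10.20.30 2195",
    "tcp 17.10.20.30 5223",
    "tcp not-an-ip 2195",
]

if __name__ == "__main__":
    for verdict, lines in audit("server", SAMPLE).items():
        print(verdict, lines)
```
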