Required open ports for OS X (Casper) update

To use Profile Manager, you should ensure that the following ports are open on your network.

2195, 2196 TCP Used by Profile Manager to send push notifications
5223 TCP Used to maintain a persistent connection to APNs and receive push notifications
80/443 TCP Provides access to the web interface for Profile Manager admin
1640 TCP Enrollment access to the Certificate Authority


Requirements for hosting a software update server

  • DNS

The Software Update service requires that the server is registered in DNS (Domain Naming Service) and resolves correctly. The DNS name of the server is used by the clients to download updates.

  • Servers and ports

The synchronization module accesses the following public Software Update servers on destination port 80:

The latter ( currently redirects to the Akamai content distribution network that hosts the updates. Note that the redirected IP address of may vary over time or by geographic region.

With OS X Mountain Lion v10.8 or later, the synchronization module also accesses the following public Software Update server on destination port 443:

  • Proxy

Authenticated proxy servers are not supported by the synchronization module, which means updates will not be mirrored by the server. While the synchronization module may work with non-authenticated and transparent proxy servers, Apple recommends that the Software Update server have direct access to the public Software Update servers listed above.

  • Dedicated network connection to the Internet

Software Update Server requires that the server have a dedicated connection to the Internet (specifically, to the URLs listed above in the “Servers and ports” section). If Software Update Server is unable to reach Apple’s content servers within the default HTTP connection timeout, it will try again during the next scheduled sync, 24 hours later.

These network ports are used by Apple TV for communications on your network.

  • TCP port 123 is used to communicate with a network time server.
  • TCP port 3689 is used to communicate with iTunes while using the iTunes Library Sharing feature.
  • UDP port 5353 is used by Apple TV for automatically finding computers with iTunes on your network using Bonjour.
  • TCP port 80 is used for communicating with podcast servers.
  • TCP port 80 and 443 are used for basic and secure communications with the iTunes Store via the Internet.
  • TCP port 53 is used for regular DNS.

About Robiul

Robiul has 15 years of continuous successful career experience in ICT with extensive background in System Engineering, IT infrastructure design, operations and service delivery, managing IT projects / MIS functions for local and multi-national companies with in-depth knowledge of multiple operating systems as well as construct / manage small to medium size Data Center. Proven ability to design and implement medium to semi-large scale LAN/WAN/WLAN and system infrastructures. Academic qualification: Master of Science in Information Systems. Professional certifications are: MCSE, CCNA, ITIL and FoundStone Security Professional, VCP, NetAPP, CISSP etc.
This entry was posted in Apple and tagged . Bookmark the permalink.