Which Port and Protocol Does Google Cloud Messaging (Gcm) Use

Which port and protocol does Google Cloud Messaging (GCM) use?

The device accesses the GCM servers on ports 5228-5230.

Note: If your organization has a firewall that restricts the traffic
to or from the Internet, you'll need to configure it to allow
connectivity with GCM. The ports to open are: 5228, 5229, and 5230.
GCM typically only uses 5228, but it sometimes uses 5229 and 5230. GCM
doesn't provide specific IPs. It changes IPs frequently. We recommend
against using ACLs but if you must use them, take a broad approach
such as the method suggested in this support link.

This is relevant if your device is connected to the internet via WiFi.

Here is the link to the relevant GCM documentation: https://developers.google.com/cloud-messaging/http

GCM Push Notification - What ports do we need to open for outbound and inbound?

For GCM notifications to work from IBM MobileFirst Server, ensure you have met the pre-requisites as detailed in the following:

1. Set up guidelines
2. Setting up push notifications for Android

To test if connectivity to GCM is proper and working, you can also try:

Send a request from the command line for GCM to push a message

You should also check with IT and network administrators to confirm that the ports are opened and connectivity verified. Another important point is that you should enable your firewall to allow connectivity to "https://android.googleapis.com/" and not whitelist individual IPs.

How GCM connection Servers sends messages to an Android device?

• GCM works through Google Play Services (no GCM without Google Play Services)
• Devices connect to Google Play Services through TCP on port 5228 (443 as fallback)
• Device sends a heartbeat packet to Google Play Services every 28 minutes on mobile and 15 minutes on wifi
• If device network state changes, the device has to reestablish a TCP connection to Google Play Services, which apparently can lead to problems
• You can check the connection state, heartbeat interval, connection address and port, etc. dialing *#*#426#*#* on a device

You can find some more information in this post on Google Product Forums.

IP range of google GCM push notification server?

I think there is an existing question IP address for Google Cloud Messaging server and the person found out that those are not published by Google. I also tried to look for it once but couldn't find. I might be wrong but I am pretty sure they don't publish that. Maybe instead of using corporate wifi, you can use direct 3G or 4G data plan.

In a comment on why GCM is not giving push notification in android device? question someone has mentioned that He opened the ports 5258,29,30 and then he was able to receive the regId from GCM server behind firewall.

Also I think the answer by @Eran on Which port and protocol does Google Cloud Messaging (GCM) use? will be of help. It says:

The device accesses the GCM servers on ports 5228-5230. If your organization has a firewall that restricts the traffic to or from the Internet, you'll need to configure it to allow connectivity with GCM. The ports to open are: 5228, 5229, and 5230. GCM typically only uses 5228, but it sometimes uses 5229 and 5230. GCM doesn't provide specific IPs. It changes IPs frequently. We recommend against using ACLs but if you must use them, take a broad approach such as the method suggested in this support link.

This is relevant if your device is connected to the internet via WiFi.

Hope this helps a bit.

Update:

As per Mark Whitaker answer to a similar question here, he mentions that:

Newer versions of Android also fall back to port 443 if ports 5228-5230 are blocked by a firewall.

Although there doesn't seem to be an official list still.

Android FCM - What are the IPs and Ports for firewall?

Does that means the port to open is now 443 instead of 5228?

To receive messages

You should open 5228, 5229 and 5230 as per the documentation.

To send messages

FCM doesn't provide specific IPs because our IP range changes too frequently and your firewall rules could get out of date impacting your users' experience.
Ideally, you will whitelist ports 5228-5230 with no IP restrictions.

However, if you must have an IP restriction, you should whitelist all of the IP addresses in the IPv4 and IPv6 blocks listed in Google's ASN of 15169. This is a large list and you should plan to update your rules monthly.

Make GCM work on all networks

As I understand it, when you set a firewall in your network, it blocks all ports except default ports (used for general purposes such as HTTP, HTTPS, SMTP, etc...). If you to use other ports, you have to open them manually.

Google needed some ports for their service, and they chose 5228-5230. In a similar way, Apple chose 5223 for their push notifications. Both will be blocked in a normal firewall configuration, and have to be manually opened.

Since this issue is not unique to your applications (i.e. all the applications that use Google Cloud Messaging will be affected the same way by the GCM ports being blocked), there is no point worrying about it.

Google Cloud Messaging not working on 4.1.2 devices on a corporate network

I've finally figured out what the problem is. The corporate firewall is blocking traffic on the native GCM port of 5228. (5229 and 5230 are also mentioned with relation to GCM but we're not seeing any attempted traffic on those ports at all.) This much is well documented elsewhere (just Google GCM port 5228).

What I can't find clearly documented anywhere, but we've figured out from our server logs and from running Connection Tracker on the handsets, is that newer versions of Android fall back to using port 443 (the standard HTTPS port) which most firewalls allow traffic through by default. This is how our devices running newer Android versions are working even behind the firewall. I don't know precisely what Android version introduced this port 443 fallback, but it's somewhere between 4.1.2 (not working) and 4.3 (working).

---

Related Topics