Menu
Our server in a confined environment need to push notification out to devices installed with our apps. We tried our push client on an open environment and it worked. However when moved to our server, there are network error due to firewall blockage.
Based on google documents:
If your organization has a firewall that restricts the traffic to or from the Internet, you need to configure it to allow connectivity with FCM in order for your Firebase Cloud Messaging client apps to receive messages. The ports to open are: 5228, 5229, and 5230. FCM typically only uses 5228, but it sometimes uses 5229 and 5230. FCM doesn't provide specific IPs, so you should allow your firewall to accept outgoing connections to all IP addresses contained in the IP blocks listed in Google's ASN of 15169.
However, we are actually pushing using the HTTP protocol with the following URL:
https://fcm.googleapis.com/fcm/send
Does that means the port to open is now 443 instead of 5228?
Also we will need to configure the host as well because the security team does not allow us to connect to the domain. From the paragraph above, all IP addresses is in the ASN 15169, and i had only managed to find a list here
Anyone with experience with this can give a pointer? Thank you.
803
FCM typically uses port 5228, but it sometimes uses 443, 5229, and 5230.
The FCM HTTP v1 API, which is the most up to date of the protocol options, with more secure authorization and flexible cross-platform messaging capabilities (the Firebase Admin SDK is based on this protocol and provides all of its inherent advantages).
Ports required for Google Firebase Cloud Messaging (FCM) are 5228, 5229, and 5230.
When your app is in the background, Android directs notification messages to the system tray. A user tap on the notification opens the app launcher by default. This includes messages that contain both notification and data payload (and all messages sent from the Notifications console).
Does that means the port to open is now 443 instead of 5228?
You should open 5228, 5229 and 5230 as per the documentation.
FCM doesn't provide specific IPs because our IP range changes too frequently and your firewall rules could get out of date impacting your users' experience. Ideally, you will whitelist ports 5228-5230 with no IP restrictions.
However, if you must have an IP restriction, you should whitelist all of the IP addresses in the IPv4 and IPv6 blocks listed in Google's ASN of 15169. This is a large list and you should plan to update your rules monthly.
50
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
