cgstrange

Q: iMessage stops working when on VPN but works on 3g or wifi?

I'm living overseas and am in an all Apple house.  My wife and I, along with my daughters, regularly use iMessage to communicate with our family back in the states and with each other while out and about.  However, over the past few weeks, we've begun to experience a really weird situation.  While connected to regular wifi or using our iPhone's 3G service we can iMessage just fine.  However, when we're connected to a VPN for security reasons (which is most of the time while in our home) our iMessages do not work.  The problem isn't just on our iPhones...it translates to our iPad's, our MacBooks, and our iMac...none of them work while connected to our VPN.  I've contacted our VPN company about it and they said it's definitely something to do with Apple and that they've had numerous inquiries about it.  What should we do?

iPad Air Wi-Fi, iOS 7.1.2

Posted on Jul 24, 2014 1:28 AM

Close

Q: iMessage stops working when on VPN but works on 3g or wifi?

  • All replies
  • Helpful answers

  • by Linc Davis,

    Linc Davis Linc Davis Jul 24, 2014 10:39 AM in response to cgstrange
    Level 10 (207,926 points)
    Applications
    Jul 24, 2014 10:39 AM in response to cgstrange

    What should we do?

    Either disconnect from the VPN when you want to use iMessage, or try another VPN service.

  • by cgstrange,

    cgstrange cgstrange Jul 24, 2014 5:35 PM in response to Linc Davis
    Level 1 (0 points)
    Jul 24, 2014 5:35 PM in response to Linc Davis

    That's a poor answer Linc...it's not just me and it's not just my VPN.  I have several colleagues who experience the same issues with their iMessages on various devices with other VPN companies.  This has all the characteristics of an apple problem...

  • by markwmsn,

    markwmsn markwmsn Jul 25, 2014 12:00 PM in response to cgstrange
    Level 5 (5,652 points)
    Photos for Mac
    Jul 25, 2014 12:00 PM in response to cgstrange

    Could be your VPN supplier is blocking the port the iMessage uses (5223??) and their support folks don't know it.

    Could be that Apple's iMessage servers are blocking your VPN server's addresses for some reason. (VPN servers tend to get blocked because all sorts of people use them for all sorts of purposes good and bad.)

    Other than asking Apple Support about your specific VPN supplier and asking your VPN supplier again about the iMessage port, Linc's answers seems to be a practical one.

  • by KiltedTim,

    KiltedTim KiltedTim Jul 25, 2014 12:04 PM in response to cgstrange
    Level 9 (54,952 points)
    iPhone
    Jul 25, 2014 12:04 PM in response to cgstrange

    The problem is being caused by the VPN (or, more accurately, the host network that the VPN is connected to). There is nothing we can do about that. Talk to the administrators of the network and the VPN. This is NOT an Apple problem, it's a network problem.

  • by AndyPhillips404,

    AndyPhillips404 AndyPhillips404 Nov 16, 2015 11:36 AM in response to cgstrange
    Level 1 (0 points)
    Nov 16, 2015 11:36 AM in response to cgstrange

    i am a iPhone user and set up my own OpenVPN server.   I am having the same issue.   Does anyone know what setting or issues that I should look at as the VPN provider and user?

  • by Ralph Johns (UK),

    Ralph Johns (UK) Ralph Johns (UK) Nov 16, 2015 2:00 PM in response to cgstrange
    Level 9 (72,994 points)
    Applications
    Nov 16, 2015 2:00 PM in response to cgstrange

    Hi,

     

    Since at least iChat 3 and certainly using Internet Sharing in Leopard (iChat 4.0.x) there has been an issue with two connections to the Internet.

     

    Is the VPN the only connection ?

     

     

     

     

    3Sigcopy2.png

    10:00 pm      Monday; November 16, 2015

     

      iMac 2.5Ghz i5 2011 (Mavericks 10.9)
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb (Snow Leopard 10.6.8)
     Mac OS X (10.6.8),
     Couple of iPhones and an iPad
  • by AndyPhillips404,

    AndyPhillips404 AndyPhillips404 Nov 16, 2015 2:33 PM in response to Ralph Johns (UK)
    Level 1 (0 points)
    Nov 16, 2015 2:33 PM in response to Ralph Johns (UK)

    The issue, which is on my iPhone, has SMS so the message fails the first time then when I hit resend it sends it over cellular (green SMS).   I am on VPN over wifi.  If I turn the VPN off, it works fine on the same wifi.  On the MacBook, it automatically just sends it green through the phone.  

     

    Is that what you were looking for?  I am using OpenVPN.

  • by KiltedTim,

    KiltedTim KiltedTim Nov 16, 2015 4:39 PM in response to AndyPhillips404
    Level 9 (54,952 points)
    iPhone
    Nov 16, 2015 4:39 PM in response to AndyPhillips404

    Why are you using the VPN in the first place?

     

    iMessages are fully encrypted. There is no need to connect to a secure network to send iMessages. There may very well be a conflict based on the location of the device as reported by location services and the location of the originating IP address for the message, which would be the address of the VPN gateway to the outside world, which is in a different physical location. Or, it may be one of the other reasons already suggested. Blocked port, blocked VPN gateway, etc.

  • by AndyPhillips404,

    AndyPhillips404 AndyPhillips404 Nov 16, 2015 7:23 PM in response to KiltedTim
    Level 1 (0 points)
    Nov 16, 2015 7:23 PM in response to KiltedTim

    i use the VPN to encrypt the other things, like browsing, that I do on public insecure networks like airports, coffee shops, etc.   it really is not convenient to switch between the VPN on and off for iMessages

     

    I Have opened up port 5223/tcp on the server as well as 80 and 443 are open.   no luck, same issue.  any other suggestions?  Anything to fix the location thing?

  • by AndyPhillips404,

    AndyPhillips404 AndyPhillips404 Nov 16, 2015 7:40 PM in response to AndyPhillips404
    Level 1 (0 points)
    Nov 16, 2015 7:40 PM in response to AndyPhillips404

    Opening up 5223 tcp on the server made it work different.  I seem see when someone is typing and now but people say it tries as a iMessage then fails and sends as SMS.   send is the sane  It tries every time to send iMessage like it thinks it should but then fails when it tries....     I also disabled the firewall on the server completely and does the same thing.   Maybe an OpenVPN thing or something with the location issue?   It's a new server so I can't imagine Apple has banned me

  • by Ralph Johns (UK),

    Ralph Johns (UK) Ralph Johns (UK) Nov 17, 2015 12:17 PM in response to AndyPhillips404
    Level 9 (72,994 points)
    Applications
    Nov 17, 2015 12:17 PM in response to AndyPhillips404

    Hi,

     

    I am still not sure from the 10.33 post (the local time I see) whether you have just the VPN or whether there is still another Internet connection going on ?

     

    The Issue in Leopard was if a Leopard computer had Internet Sharing turned ON then the computer that was doing the Sharing could see both the Internet connection it was given  but Failed chats in iChat also reported the Originating Mac's IP address.

     

    Moving to your Last Post there is Location checks.

    iMessages Account is set to your Location.

    in Mavericks and Yosemite that is set in the Details button in Messages > Preferences > Accounts > iMessages account and the Details Button.

    You have to Sign In here to view the details.

    AS a security check this detail is checked against the IP that your location appears to be at.

     

    AS the Location and IP's location may not match then the iMessages server will not let you login.  (you look like someone pretending to be you).

    It also messes with Time Stamps (and the Login is Time Stamped) which means even if you do manage to Login you may miss some iMessages because of time differences between the VPN's Location and the Mac's.

     

    If the iMessages servers see this sort of behaviour then it will block the Apple ID for that Mac.

    That is to say the iPhone should still see sync copies of iMessages sent to the Apple ID but the Mac will not.

    Nor can the Mac send as it cannot login.

     

    The only way to resolve that is to Contact Apple Support and move up to a Level 2 person and ask them to reset it.

    However it is not that simple as the Upgrade from Yosemite to El Capitan is also triggering this from some people and the Level 2 people involve the Engineers who are looking for the Trigger.

    You have an Apple ID issue which are free to fix.  (Level 1 people are Script Led looking to solve Apple Care Hardware and Software issues).

     

     

     

     

    3Sigcopy2.png

    8:17 pm      Tuesday; November 17, 2015

     

      iMac 2.5Ghz i5 2011 (Mavericks 10.9)
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb (Snow Leopard 10.6.8)
     Mac OS X (10.6.8),
     Couple of iPhones and an iPad
  • by natoar86,

    natoar86 natoar86 Jan 29, 2016 7:27 AM in response to Ralph Johns (UK)
    Level 1 (0 points)
    Jan 29, 2016 7:27 AM in response to Ralph Johns (UK)

    Just connect all of your devices to the vpn and make sure de port 5223 its open, reset the imessage app in all of your connected devices.

    Thats how i fix the problem and i use openvpn as.

  • by fturriaf,

    fturriaf fturriaf Jul 22, 2016 7:18 AM in response to cgstrange
    Level 1 (4 points)
    Jul 22, 2016 7:18 AM in response to cgstrange

    Hi there. Any workaround to make this work? it is clear the TCP port 5223 thing but interestingly ALL other messaging apps works (WhatsApp, Skype, Yahoo, Google Hangout) but not iMessage... perhaps Apple can enhance how iMessage use underlaying IP network management?

    Thanks

    -f

  • by Ralph Johns (UK),

    Ralph Johns (UK) Ralph Johns (UK) Jul 25, 2016 12:59 PM in response to fturriaf
    Level 9 (72,994 points)
    Applications
    Jul 25, 2016 12:59 PM in response to fturriaf

    Hi,

     

    iMessages logs in on both port 443 and 80 to confirm your ID (80) and the fact it is used on iMessages Server (443)

    The 5223 only confirms that your Contacts are also registered on iMessages.

     

    The Login uses the ID and password and the Serial Number of the device.

    This is a security feature and is designed to make sure the Login is "you".

     

    It is likely the iMessages server will reject anything that looks like it is trying to circumvent that.

     

    If you do get locked out of the iMessages server it is a tortuous phone call to Apple Care to get it sorted.

     

     

     

     

     

     

     

    3Sigcopy2.png

    8:59 pm      Monday; July 25, 2016

     

      iMac 2.5Ghz i5 2011 (El Capitan)
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb (Snow Leopard 10.6.8)
     Mac OS X (10.6.8),
     iPhone and an iPad (2)