Can't video chat with iChat 6.0.1 with Verizon Fios modem, MI424WR. Get error "Router type is Restricted, Port Restricted, Symmetric, or Unknown." How do I configure the router? I have allowed iChat incoming connections in my Mac (10.7.2) firewall. GChat and Skype work fine.
Thanks
Mac Pro, Mac OS X (10.7.2)
Hi.
You have to configure Port Forwarding on the Verizon FIOS Modem Router for iChat.
http://support.actiontec.com/doc_files/MI424WR_Rev._G_User_Manual_30.16.0_v1.pdf
Excerpt from pages 109 & 110:
"To set up basic port forwarding:
1. Click the arrow next to “IP Address forward to or select from menu” to display a menu and either enter the IP address of the item to port forward from, or choose an item from the drop-down menu (choose your machine by host name, since the internal ip address changes from time to time, after the lease time expires).
2. Click the arrow next to “Application to forward...” and select a pre-configured application from the drop-down menu (if iChat is not present in the list, you'll have to set up Advanced Port Forwarding).
3. Click Apply. The new port forwarding rule appears in the “Applied rules” table at the bottom of the screen. "
"To set up advanced port forwarding (custom ports):
1. Click the arrow next to “Application to forward...” and select Custom Ports from the drop-down menu.
Con
2. Enter the host name (from the drop-down list) or local IP address of the computer providing the service in the “Specify IP” text box. Note that only one local network computer can be assigned to provide a specific service or application.
3. Click Advanced.
4. Select the Internet protocol to be provided from the “Protocol” drop-down list. Depending on the protocol selected, additional options appear in the screen.
5. Select the connection with which this port forwarding rule will be active from the “WAN Connection Type” drop-down list.
6. To select a port to forward communications to (this is optional), select “Specify” from the “Forward to Port” drop-down list, then, in the text box that appears, enter the port number. If no port is identified, select “Same as
Incoming Port.”
7. If this port will be active all the time, select “Always” from the “Schedule” drop-down list. If the rule will only be active at certain times, select “User Defined” and click Add. Then, add a schedule rule (for more details about
schedule rules, see the “Advanced Settings” chapter of this manual).
8. If source and destination ports need to be specified, select Specify from the drop-down menu list (by clicking on the appropriate arrow), then entering the port numbers.
9. Click Apply to save the changes. The new port forwarding rule appears in the “Applied rules” table at the bottom of the screen."
Good Luck.
Hi,
Henry has the basis of the info.
That last link is for the iChat 3 Ports.
It is easier if your router does UPnP as you can then use iChat Screen Sharing.
This article reports the changes in the ports iChat uses for iChat 4 and 5
Realistically you need both as the first is the only place the Bonjour and Jabber ports are listed, where are the second only really deals with the changes to the A/V ports .
On this page that has the default IP, User ID and Password info I cannot see in the pics that the device has UPnP (although it does not show you every tab/menu item.
Looking at the firewall for the device that they do show, iChat is most likely going to need it set to LOW due to the inclusion of DoS and SPI filters in the firewall at higher levels.
8:43 PM Sunday; December 25, 2011
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
iMac 2.5Ghz 5i 2011 (Lion 10.7.2)
G4/1GhzDual MDD (Leopard 10.5.8)
MacBookPro 2Gb (Snow Leopard 10.6.8)
Mac OS X (10.6.8),
"Limit the Logs to the Bits above Binary Images." No, Seriously
Hi.
I didn't realize my iChat ports link was so outdated…
And yes, you're right, UPnP !!
Regarding the Actiontec router, it does support UPnP, in the E, F, and G revisions, which are the Verizon FiOS ones. The one in your link has a different firmware, and is not used by Verizon for its FiOS service
The UPnP settings are in the "Advanced" options menu > "Universal Plug and Play".
Hi Henry G4,
Actually the later link is also outdated as it does not list the Yahoo stuff for iChat 6 (Actually this is only port 433 and port 80 via a plug-in for iChat).
The Port Forward site always quotes the full iChat 3 set (If you forwarded all off these you would cover all the iChat 4/5/6 ones except the Screen Sharing Random port)
I took the name from the Original Post (I did wonder about version numbers)
Thanks for the additional Info.
As I intimated the issue may not be entirely ports but Firewall or even Ping Blocking that is actually stopping this.
It may also pay to change the iChat > Preferences > Video Section > Bandwidth limit to 500kbps
This smooths out high speed Internet connections where any variance can be exaggerated to the point where ichat can not buffer the changes.
It also seem to help to "Slow" the connection process down to slower Internet speed Buddies (or older iChat versions)
10:48 PM Monday; December 26, 2011
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
iMac 2.5Ghz 5i 2011 (Lion 10.7.2)
G4/1GhzDual MDD (Leopard 10.5.8)
MacBookPro 2Gb (Snow Leopard 10.6.8)
Mac OS X (10.6.8),
"Limit the Logs to the Bits above Binary Images." No, Seriously
Hi.
Very interesting indeed.
Thanks a lot.
Good Luck.
Good Year.
Henry and Ralph,
Thanks very much for your detailed replies. After carefully reviewing what needed to be done, I have decided against making the changes and using iChat. The changes seem extensive and decrease my computer's security profile. Furthermore, I had negletected to mention that I actually connect to my LAN through an Airport Express hanging off the Verizon router. So, that would likely need additional changes to make it work. Because GChat and Skype video conferencing work just fine without making any firewall changes or opening up any additonal ports, I am going to use them. I do plan to try for fun to see if FaceTime will work.
Regards,
Rich
Ok,
GChat, as you call it is via a Web Browser on port 80
As I log in to Apple first and tell Little Snitch to allow Port 443 for the secure Login to Sign In I don't get a second reminder for a Login to Google if that is actually on port 443.
The Login to iGoogle or the google Mail web Page may be secure.
After that I would doubt it.
Skype will list a Port in it's Preferences that it would like to use though a router but if this is not open it will use Fall back ports in the from of commonly used Mail Ports or even port 80 if it cannot use those.
I have run Skype with Little Snitch (This Utility tell me IP and Ports an app is connecting to) and have seen in excess of 40 connections just to login.
There are steps in the iChat Connection Process that do check against "Man-in-the-Middle" attacks.
By the time you are connected in Video or Audio Only in iChat the connection is Peer-to-Peer (The exception is the option to do it via the AIM servers)
Airport Base Stations
These can be set up to Share a Public IP
This in fact is any IP from the device "in front" of the Airport. If it is doing a PPPoE Login then that will be the ISP but it can be another local device that routes.
Port Mapping Protocol in an Apple Base Station or UPnP in a regular routing device could be seen as less secure than Port Forwarding (one port to one IP, repeated fro different ports)
However in most devices the time the ports stay open (After use) can be adjusted as can the number of devices away from the UPnP device (Hops) can also be adjusted.
8:35 PM Sunday; January 8, 2012
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
iMac 2.5Ghz 5i 2011 (Lion 10.7.2)
G4/1GhzDual MDD (Leopard 10.5.8)
MacBookPro 2Gb (Snow Leopard 10.6.8)
Mac OS X (10.6.8),
"Limit the Logs to the Bits above Binary Images." No, Seriously
Can't video chat with iChat 6.0.1 with Verizon Fios modem,MI424WR.
