Ok,
I will list the ports in greater detail and point out when iChat uses them.
AIM Login and 1-1 Text Chatting
iChat version 1 through 5 will Log in to the AIM server on port 5190 (TCP Protocol) by default.
Since iChat 2 we have been posting here that the AIM servers allow a Login on almost any port and have been suggesting port 443.
This is used by both Web Browsers for secure Login to some sites and by the Mail app with some mail servers.
It is also below port 1024 (most domestic routers have the ports above this figure closed) In some campus situations using port 443 will normally allow at least Login and Text chatting.
iChat 6 uses port 443 by default.
File Transfers (AIM)
When doing File Transfers with AIM Buddies iChat will move to using Port 5190 on the UDP Protocol.
This cannot be changed. (This invokes the little Message about Starting Direct IM in an open Chat)
It also uses this port for Pics-in-chats, dropping Files on a Buddy's name with out a Chat or sending other files that are not pics.
In the case of Port Forwarding some devices don't like port 5190 being forwarded "twice" which is another reason for moving the login and Text chat port.
Jabber Logins
No matter what Jabber server you use ichat will use one of two ports (5222 and 5223)
Which one it uses is dependent on whether it needs and is using an SSL Login or not.
SSL Logins use port 5223 and NON SSL one use 5222 (ticking or Unticking the SSL box on a Jabber account will automatically change the port).
Google Talk is the exception in that it allow a Login on port 443 as well.
The First Apple Doc I linked you to says iChat uses port 5220 in Jabber.
I run Little Snitch and have never seen any version of iChat use this port at any time.
Bonjour
Any Mac to Mac Connection or Mac to any Bonjour able peripheral will be on port 5353.
This is normally opened (Preset) in the Mac Firewall for the Finder/System side of Sharing.
iChat needs and uses two other ports (5297 UDP and 5298 on both TCP and UDP)
As they an LAN Side connections the router would normally pass them.
At iChat 3 there were issues with the Mac Firewall (it included UDP set up and the preset in the firewall only listed them and TCP so we had people add all the iChat ports (you had to manually enter them in Tiger)
A/V Chats
No matter which Buddy List you start from iChat will do A/V chats the same way.
The Visible Invite you or your Buddy sends is on port 5678 (UDP)
In iChat 3 and earlier iChat then moves to port 5060 to send the SIP Connection Process invite behind the scenes (SIP = Session Initiation Protocol)
Port 5060 is one of 4 ports internationally agreed for SIP (How VoIP phones connect) (5060-5063).
Although ISPs were not supposed to block Through traffic many started blocking End users and then Charging them to open these ports (Many ISP were telecom companies that were losing long distant Telephone calls monies).
The SIP process then in iChat 3 contacts a server run by Apple for this purpose (Snatmap.mac.com to give it it's full name).
This acts like a old fashioned telephone operator connecting the call.
SIP is a text based process.
Your end "Calls" the operator.
The Operator "Calls" Buddy.
Buddy Accepts
iChat then negotiates the ports to be used.
In iChat 2 and 3 it uses 4 ports (vid in Vid out, Audio In and Audio Out) from "the group of 20" starting at the bottom (16384 to 16387 normally)
Three and 4 way chats uses more ports (which is why 20 are set aside)
In iChat 4 Apple realised the issue with the 5060 port and changed the way iChat worked
Since then it has Sent the invite on Port 5678 but then moved to port 16402 (it starts at the top of a smaller group of 20)
All Video and Audio traffic is also now on one port (so no need for 20 ports and iChat now lists 10).
NOTES so Far.
File Sharing during a Chat converts the Chat to Direct IM for AIM Logins
This is Peer-to-Peer in AIM
A/V Chats are Peer-To-Peer and you can actually log out of the Buddy list and continue the chat. (The exception is using iChat 6's AIM Video relay option)
Screen Sharing
Screen Sharing is an Audio Chat with a VNC connection along side.
Both bits have to wok to avoid the Pop-up to send to Apple and the Log that contains.
The Audio part is on port 16402 and the VNC part is random. (So random it is different every time you do it)
The reason it is classed as an Audio Chat+ is so the AppleScript for Auto Accept can filter out Screen Sharing connection and Not Auto Accept them.
This does have a knock on effect as far as your Router is concerned as already mentioned earlier.
You cannot Forward or Trigger the random Port so you have to use UPnP in your router to open the ports.
NOTES
Jabber File sharing may possibly be on port 1080 as listed in the Server Article I linked you to (I have also seen it written about in other stuff I have come across)
However Little Snitch does not seem to confirm this either.
Most time it will be peer-to-peer like the AIM connections for this.
However some Jabber servers do not seem to allow this and have this Jabber65 Proxy set up which passes things Server to Server in between it leaving your end and arriving at a Buddy.
This on Port 7777 but you do not need to open this port (unless you are running a Jabber server)
I have yet to test File Transfers using a Yahoo Buddy List in iChat 6.
AppleCare and Geniuses.
Previously I have been contacted by Geniuses in Stores asking to test customer's iChat.
They and the Applecare people have details about Apple wants an designed the App to work.
What they don't have is the knowledge about what it takes to set it up in the "real world".
There are literally thousands of Makes and Models of routers.
Some like the Thomson-Alcatel brand state they are SIP/VoIP ready but this means the router strips out all SIP Data trying to send it to a Phone.
Early models of Alcatels can get around this with a tweak. Later models can't.
Motorola devices tend not to have UPnP.
Apple Base Stations have Port Mapping Protocol instead of UPnP and this needs setting up.
The Zyxel range definitely does not like the dual use of port 5190 and does much better using UPnP (You almost certainly have to do your AIM login on port 443 with these).
1. I have two computers (MacPro and MacBook Pro) that are both running Lion 10.7.2 and both running iChat 6.0.1. <<-- Fine
2. The Netgear router model is: WNDR3700. <<<<--- With any Brand there are exceptions and I do wonder about this one
3. The firewall for both Macs is turned on and in the advanced area iChat is listed as being "allowed." <<<<---- Fine
4. In iChat, under the video options, "Screen Sharing Allowed" is checked. <<<<<---- Fine
5. In System Preferences, "Screen Sharing" is checked and this is for "All Users" at present. <<<<<---- Not Required
6. There are two separate AIM accounts being used for iChat purposes. <<<<<---- OK
7. In iChat preferences, each AIM account is "Enabled" under "Account Information" and the "Server Settings" show the Server as "api.oscar.aol.com" and the Port is "443" and "Use SSL" is checked. <<<<---- As it should be
From this and the other info in the first port it was only the router set up that seem to throw some light on a possible cause (Port Forwarding and UPnP conflict)
If just doing Port Forwarding the ports listed would have covered things (Except the Screen Sharing's random port)
Regarding your latest post.
I have table similar to that on my Sagem 2504Fast Modem/router combined device and it too seems to list a different port on the external side on occasions.
I would try the router with the Disable SIP ALG unticked (so it is not disabled). If the Help info on the right gives any info about what this Netgear version does it would be helpful.
Some are like the Thomson-Alcatels I was talking about in that it points the SIP data to a specific place (Possibly a Phone socket on the device)
Others seem to provide an "boost" to enable SIP to work and don't seem to get in the way of iChat.
Try adding the Names in Table 1 from this page and see if you can Video to those.
There are 6 names in total (I am actually only seeing one on Line as I type)
9:19 PM Wednesday; January 25, 2012
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
iMac 2.5Ghz 5i 2011 (Lion 10.7.2)
G4/1GhzDual MDD (Leopard 10.5.8)
MacBookPro 2Gb (Snow Leopard 10.6.8)
Mac OS X (10.6.8),
"Limit the Logs to the Bits above Binary Images." No, Seriously