Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: cfeied
cfeied Author
User level: Level 1
8 points

Solved: iTunes Home Sharing with Windows Firewall

I have read several hundred threads on this topic, and I would like to share the simple solution that I found after much effort.



Apple has indicated that the following ports are required:


port 123 TCP is used for network time sync (Apple TV)

port 5353 UDP is required for computer discovery using the Bonjour service

port 3689 TCP is required for iTunes Library Home Sharing



I have read advice from a number of people claiming that port 3689 should be UDP instead of TCP.



To test this, I set up two Windows7 machines side by side connected by wired ethernet through an unmanaged switch. I installed iTunes 11 on each of them, and turned on Home Sharing. The installation of iTunes automatically added windows firewall rules to allow inbound traffic from Bonjour and iTunes, but at that point iTunes Home Sharing did not work: the two computers each showed that it was connected to the other's library, but the shared libraries could not be loaded so no tracks were visible. However, turning off the Windows firewalls instantly made iTunes library sharing work perfectly. Turning the firewall back on made it stop working.



I then created 6 Inbound Rules to open the following ports:

5353 TCP

5353 UDP

3689 TCP

3689 UDP

123 TCP

123 UDP



After I added those rules, iTunes home sharing suddenly worked perfectly. I did not have to reboot nor did I restart iTunes -- as soon as I opened all the ports, the shared libraries appeared and I was able to play and transfer songs.



I then disabled the rules one by one and tested library sharing after each change. Everything kept working perfectly until I disabled port 3689 TCP. As soon as I disabled that port, everything stopped working. When I re-enabled it, everything worked again. Based on this test, I can report definitively that inbound port TCP 3689 must be open in order for iTunes Home Sharing to load a shared library and play or transfer songs, and that none of the other rules appeared to have any immediate effect on iTunes Home Sharing.



However, I must point out that since the firewall already contained rules for iTunes and Bonjour, some ports were already available to those programs -- and we know that Bonjour uses port UDP 5353 for computer discovery.



I then decided to try one more test: I turned off all my custom rules and just opened up the pre-existing iTunes rule and modified it to allow "Any" protocol type and "All Ports." With this simple change, iTunes Home Sharing worked perfectly.



Below is a snapshot of what I did: Control Panel -> Windows Firewall -> Advanced settings -> Inbound Rules -> iTunes -> Protocols and Ports -> change Protocol type to "Any" and Local port to "All."



You can see in the snapshot that I have deleted all the "wrong" rules and have disabled the custom rule I made for port TCP 3689, and that I have modified the original iTunes rule as described. I also left an inbound rule in place to open up port TCP 123, since AppleTV requires it for time sync.


**Note** -- I made sure my two machines were directly connected through a switch. There was no router between them, and neither machine was connected by a wireless connection. That's because all I wanted to do was to know for sure what firewall settings were required and prove that Library sharing could work if the firewall rules were set properly.



If your machines have to communicate through a router, or through a wireless access point that has routing rules in it, then it's possible that even after your firewall is set correctly you may still have problems with iTunes Home Sharing. If that happens, I would suggest first connecting your devices directly to the same physical switch and getting them working in that configuration before moving them back to their original positions. Then if things stop working, you will have to log into your router and check to make sure the following ports are not being blocked: TCP 3689, UDP 5353, and TCP 123.



I hope this may help somebody else to get things working. Much of the other advice I had read turned out to be wrong or irrelevant.



glhf



-- Craig


User uploaded file

Posted on Oct 2, 2013 10:07 AM

Reply
Question marked as Best reply
User profile for user: PeterJRM
PeterJRM
User level: Level 1
0 points

Posted on Oct 4, 2013 6:00 AM

Thank you for this! Completely solved my home sharing problem.

View in context
4 replies
User profile for user: JF_B
JF_B
User level: Level 1
0 points

Oct 6, 2013 7:26 AM in response to cfeied

Home Sharing used to work perfectly for me... Then lately, my iPhone 5 wasn't communicating with my iTunes PC library. No problem communicating with my Mac iTunes library though...


Turn off Windows firewall, it communicates. Turn it back on, no workey!


Read your post, created a new inbound rule for TCP 3689 only and BAM!! works like a charm.


Thanks for your detailed post. It did the trick for me. Only wished this would work without having to do all these fixes. Can't wait for my PC to kick the bucket so I can buy myself a macbook air and be done with all this PC complicado stuff!


Thanks again.

Reply
User profile for user: LeCluz
LeCluz
User level: Level 1
0 points

Jan 2, 2014 8:36 PM in response to cfeied

This was helpful and here are some additional info if it can help others:



my config: windows 7 x64 / iTunes 11.1.3.8





What I did:


- In the following KB article, it is only mentionned to authorize iTunes executable: http://support.apple.com/kb/ht2553.

I checked Bonjour Service as well. With a fresh/default install (I reinstalled Windows, and installed iTunes only), Bonjour was only added for public networks, not for private networks : very dumb !!! So I added Bonjour for private networks. Note: there are 2 entries for the service in Win7 x64:

* one for "C:\Program Files (x86)\Bonjour\mDNSResponder"

* and one for "C:\Program Files\Bonjour\mDNSResponder"


Then, It worked better. But if I tried to connect the Apple TV and forgot to start iTunes, then obviously it failed, but it will not connect after starting iTunes, event after several retries. I had to manually disable and re-enable Home Sharing on the Apple TV.


- The fact that it was not able to reconnect made me think the issue is was most likely on the UDP side than TCP. So I added UPD 5353 inbound/outbound, and now the Apple TV will connect with no issue, even if I "forget" to start iTunes and start it afterwards, the Apple TV connect fine after the first retry




What I learned:


- Windows Firewall *****: I noticed, stopping the service and disabling the Firewall via the control panel does not have the same effect. I stopped Windows Firewall service 5in the service list) and still had the issue. The problem went away when I disabled the Firewall via control panel. I tried several times to confirm this theory.


- iTunes setup does not properly configure the Windows Firewall for Bonjour Service. Maybe Apple can comment on that ???


- Connection the Apple TV directly to the computer via ethernel cable on isolated network is not accurate test because Home Sharing requires internet connection at ALL time, even after enabling it. I enable home sharing on iTunes and Apple TV, tested communication OK, can browse iTunes library. Then; I cabled Apple TV / computer via ethernet (no WiFi ie no internet connection), Apple TV was not able to reconnect to the iTunes library anymore




More details in this thread:

https://discussions.apple.com/thread/5724380?answerId=24355288022#24355288022&ac_cid=op123456#24355288?ac_cid=o p123456

Reply

Solved: iTunes Home Sharing with Windows Firewall

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up