I checked out the other option you suggested of opening the port associated with Screen Sharing. Ralph provided the list of well known TCP and UDP ports for Apple devices. Port 5900 is identified for AppleRemote and Screen Sharing. I did a Port Scan and 5900 and is already open, so the port is not the problem. You and Ralph give a pretty good assurance I will be protected from internet attack by the AP Express and I can turn off the Firewall so Screen Sharing will work. That's the simplest solution.
I am just weighing in here but...
I am an IT consultant for a company in anytown. We have a remote user in othertown and she is remotely connected in two ways. all Internet traffic is going through her ISP and all corporate data is going through the VPN connection (split tunneling)
I am currently having an issue where her email will not go out via the standard SMTP port 25 due to her ISP (comcast) blocking that port for security and spam prevention. while this is a common practice it is inconvenient for her as she has to connect to the vpn to send. I am also having the white screen problem with this remote user. I fail over to a different remote utility that works fine but your post is intriguing.
Here is what works:
- connection with iChat
- while connected audio works
- video works as I can control the mouse on her screen and I can see the cursor move as well.
- chat works as you would expect.
What does not work is the video that is streamed desktop. I believe what is happening is this.
1. connection is made over port 5900
2. audio and video are split into two separate streams audio goes over 5900
3. video is compressed into two separate streams 1 is from my end to the server side computer over 5900 and one is returned over a different port via RTP, RTSP or some other QuickTime technology.
4 while 5900 is apparently open and routed by the ISP the second video stream's port is not and consequently you can use ichat for all other functions.
I am going to discuss with comcast the port 25 thing and I will repost findings but depending on your ISP you may or may not be able to adjust these ports - further all of your custom firewall configuration efforts may in fact be a fool's errand as you will not be able to adjust your ISPs side port routing.
Finally I have read in another post that grayscale or a lower quality may bring back the image and this furthers my point that the high quality stream is compressed QuickTime and likely on a different port than 5900. When you lower the quality the compression is turned off and it likely falls back to port 5900.
All three methods use the same Apple Remote Desktop engine.
In the case of iChat/Messages the Audio Chat along side is on port 16402.
The "video" that obviously starts with the Desktop is on a Random port.
Port 5900 is used by the Apple Remote Desktop App and the Finder Screen Sharing option.
As far as I am aware all "Video" and Audio are on the same ports in Apple Remote Desktop and the Finder version.
If iChat/Messages is doing a full on Video Chat then that also uses the same port in version 4 and above (port 16402 as first choice)
Earlier versions iChat split Audio and Video in an IN and Out Video and Audio (4 ports in total) manner.
Many ISPs block port 25 to other STMP servers other than their own.
In the Mail app ports 465 and 587 are often listed as alternatives.
9:18 pm Tuesday; January 14, 2014
iMac 2.5Ghz 5i 2011 (Mavericks 10.9)
G4/1GhzDual MDD (Leopard 10.5.8)
MacBookPro 2Gb (Snow Leopard 10.6.8)
Mac OS X (10.6.8),
Couple of iPhones and an iPad