Old iMac Keeps Taking Port 4500 via UPnP

Question

Level 4

1,456 points

Old iMac Keeps Taking Port 4500 via UPnP

I have an old iMac running Snow Leopard and it's got a very annoying problem. Every time it boots up, it grabs UDP port 4500 via UPnP from my DD-WRT router. Problem is, I have a Mac Mini running a VPN server and when the iMac takes that port, the VPN no longer works. I think it also grabs the port when it wakes from sleep.

lsof output (Run on the iMac. Note the lack of 4500.)

lsof -Pi

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME

SystemUIS 126 roberthsr 6u IPv4 0x07094734 0t0 UDP *:*

SystemUIS 126 roberthsr 10u IPv4 0x08067aa4 0t0 UDP *:*

AppleVNCS 142 roberthsr 8u IPv6 0x06adcf80 0t0 TCP *:5900 (LISTEN)

sshd 191 roberthsr 3u IPv4 0x06adfad8 0t0 TCP imacg5.socamx.net:22->rmbp.socamx.net:62816 (ESTABLISHED)

sshd 191 roberthsr 4u IPv4 0x06adfad8 0t0 TCP imacg5.socamx.net:22->rmbp.socamx.net:62816 (ESTABLISHED)

nmap output (Scanning the iMac from my laptop. Note that it is listening on 4500.):

sudo nmap -sU -T5 -p 500,1701,4500,9999 10.0.10.6

Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-07-16 11:20 EDT

Nmap scan report for (10.0.10.6)

Host is up (0.0019s latency).

PORT STATE SERVICE

500/udp open|filtered isakmp

1701/udp closed L2TP

4500/udp open|filtered nat-t-ike

9999/udp closed distinct

MAC Address: 00:1B:63:16:17:0B (Apple)

Nmap done: 1 IP address (1 host up) scanned in 1.27 seconds

How can I make this iMac stop taking port 4500 and thus prevent it from breaking my VPN? This has been driving me nuts for months. I just want the stupid thing to stop grabbing UDP 4500 via UPnP. Turning off UPnP on the router is not an option. Running newer than 10.6 / Snow Leopard isn't an option either, this computer exists for Rosetta functionality.

As a side note, all my other Macs used to do this too but I disabled Back to My Mac on each of them to stop it. This old iMac running Snow Leopard, I can't access that setting because it is pre-iCloud. It's just an inaccessible MobileMe section in System Preferences, which is obviously long outdated.

Posted on Jul 16, 2015 8:26 AM

Reply

Answer 1

Best reply

Justin Hunter Author

Level 4

1,456 points

Jul 19, 2015 6:34 AM in response to Justin Hunter

I may have got the problem solved. Going to give it a day to be absolutely certain but initially it looks successful.

So because there's no way to access the MobileMe panel anymore, I found out that you can manually remove the Back to my Mac information in a preference file, specifically this one:

/Library/Preferences/SystemConfiguration/preferences.plist

Way down in the file there's a section that looks like this.

<key>Network</key>

<dict>

<key>BackToMyMac</key>

<dict/>

<key>HostNames</key>

<dict>

<key>LocalHostName</key>

<string>ComputerNameHere</string>

</dict>

</dict>

I had to edit my file to make it look similar to that. You need to remove the <dict></dict> section below <key>BackToMyMac</key> and change it to <dict/> This section contains your iCloud username, and upon removing it and restarting the computer, it should no longer grab port 4500 over UPnP.

If this problem goes away forever, I will not update this thread anymore.

Reply