Sophos UTM 9 blocking continuity between iPhone, iPad, Mac

I just recently migrated from Untangle 11.2 to Sophos UTM to give it a ride and noticed that a lot of things are blocked (which is a good thing if you know what you are doing and need to unblock it).  Just recently I noticed that I couldn’t make any more calls by using my iPad or Mac through my iPhone.  So, continuity was not working like it was before.

I went to the Apple site (see source below), but couldn’t figure out which ports or services were the ones that needed to be allowed through the firewall. So, after analyzing the packets dropped by the firewall, I noticed a pattern and created the following firewall rule. Since creating this firewall rule, I haven’t had any more issues with continuity, nor with downloading content from games in Game Center.
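Here is how the "look for a pattern in the drops" step can be done from the packet filter log instead of by eye. This is an example added to this post, not code from Sophos or from the original article. It assumes the key="value" line layout that Sophos UTM's ulogd writes to its packet filter log (the field names below are from my memory of that format and should be checked against your own device), and it only counts UDP drops (proto 17), because the RTP/RTCP ports Apple lists for FaceTime and Game Center are UDP; the post's service step does not say which protocol was chosen, so treat that as an assumption. The sample log lines are constructed.

```python
"""Triage Sophos UTM packet-filter drops: which UDP destination ports does the
internal network keep hitting, and would the post's Apple Continuity service
(destination ports 16384:16472) cover them?

Example added to this post; not Sophos code and not part of the original."""
import re
from collections import Counter

# Constructed sample lines in the key="value" layout that Sophos UTM's ulogd
# uses for the packet filter log. Hosts, addresses and timestamps are made up.
SAMPLE_LOG = """\
2016:03:01-20:15:01 utm ulogd[5035]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="192.168.1.20" dstip="17.172.224.47" proto="17" length="172" srcport="16393" dstport="16393"
2016:03:01-20:15:01 utm ulogd[5035]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="192.168.1.20" dstip="17.172.224.47" proto="17" length="172" srcport="16402" dstport="16402"
2016:03:01-20:15:02 utm ulogd[5035]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="192.168.1.21" dstip="17.172.224.48" proto="17" length="172" srcport="16402" dstport="16402"
2016:03:01-20:15:02 utm ulogd[5035]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="192.168.1.20" dstip="203.0.113.9" proto="6" length="60" srcport="51234" dstport="443"
2016:03:01-20:15:03 utm ulogd[5035]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="2" initf="eth1" srcip="192.168.1.20" dstip="17.172.224.47" proto="17" length="172" srcport="16384" dstport="16384"
2016:03:01-20:15:03 utm ulogd[5035]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="192.168.1.22" dstip="198.51.100.7" proto="17" length="70" srcport="55000" dstport="53"
2016:03:01-20:15:04 utm ulogd[5035]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="192.168.1.20" dstip="17.172.224.47" proto="17" length="172" srcport="16384" dstport="16384"
"""

KV_RE = re.compile(r'(\w+)="([^"]*)"')
UDP = "17"
# The post's service definition, "16384:16472", as an inclusive range.
CONTINUITY_PORTS = range(16384, 16473)


def parse_line(line: str) -> dict:
    """Turn one key="value" log line into a dict (keys keep their log names)."""
    return dict(KV_RE.findall(line))


def dropped_udp_dst_ports(log_text: str) -> Counter:
    """Count dropped UDP packets by destination port.

    Only lines with action="drop" and proto="17" are counted; accepted packets
    and TCP drops are ignored so the result reflects what the new rule changes.
    """
    counts: Counter = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("action") == "drop" and rec.get("proto") == UDP and "dstport" in rec:
            counts[int(rec["dstport"])] += 1
    return counts


def ports_covered(counts: Counter, allowed: range = CONTINUITY_PORTS) -> list:
    """Dropped ports the post's service would now allow, ascending."""
    return sorted(p for p in counts if p in allowed)


def ports_not_covered(counts: Counter, allowed: range = CONTINUITY_PORTS) -> list:
    """Dropped ports outside the service: unrelated traffic, not a reason to widen the rule."""
    return sorted(p for p in counts if p not in allowed)


def observed_span(counts: Counter, allowed: range = CONTINUITY_PORTS):
    """Narrowest (lo, hi) that still covers every dropped port inside the service.

    Handy for judging whether the service could be scoped tighter than
    16384:16472. Returns None when nothing in the range was dropped.
    """
    hits = ports_covered(counts, allowed)
    return (hits[0], hits[-1]) if hits else None


if __name__ == "__main__":
    counts = dropped_udp_dst_ports(SAMPLE_LOG)
    print("dropped UDP dstports:", dict(sorted(counts.items())))
    print("covered by 16384:16472:", ports_covered(counts))
    print("still outside the rule:", ports_not_covered(counts))
    print("tightest range covering the drops:", observed_span(counts))
```

Run it against a copy of the real log (read the file and pass its text to `dropped_udp_dst_ports`) before and after adding the rule: the ports in `ports_covered` should stop appearing as drops, anything in `ports_not_covered` is unrelated and should be looked at separately rather than folded into the Continuity service, and `observed_span` tells you whether the 16384:16472 range is wider than what your devices actually use.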

Overall rule: Internal (Network) -> allow destination ports 16384:16472 -> Any

  1. Go to “Network Protection”
  2. “Firewall”
  3. Click “New rule…”
  4. Under “Sources:” add “Internal (Network)”
  5. Under “Services” (you probably haven’t created this, so we are going to do it the long way), click on the “+” to add a new service
  6. Give it a name.  Probably “Apple Continuity”
  7. On “Destination port:” allow ports from “16384:16472”
  8. Under “Comment” note that these ports are “Real-Time Transport Protocol (RTP), Real-Time Control Protocol (RTCP)” for “iChat AV (Audio RTP, RTCP; Video RTP, RTCP), FaceTime, and Game Center”
  9. Click “Save”
  10. Under “Destinations:” add “Any”
  11. (Optional) Add comment
  12. Click “Save”

Now you should be able to use Apple Continuity by handing off calls from your phone to your iPad and/or Mac on the same network.

Hopefully Sophos UTM will include this as a default in future releases.

Source: TCP and UDP ports used by Apple software products – Apple Support
