APNS : server side configuration

Question

I went through number of guides and StackOverflow topics, but still can not find an answer to my problem.

So we moved to a new server and our push notifications stopped working. (I was not managing the old server). As APNS ans me have not been acquainted yet, it kinda became a problem.

As I understand the first thing we need is an open 2195 port, so I can telnet gateway.push.apple.com 2195. But that fails

Trying 17.172.238.228...
telnet: connect to address 17.172.238.228: Connection timed out

even tho the hosting company assured me that the port is open INBOUND and OUTBOUND.

iptables doesn't seem to have any restrictions on that port either.

So at this point I dont know how to make this work. My guess was that it needs a Certificate to telnet to APNS, which looks rather silly.

Was wondering if someone could point me to the right direction ? Much appreciated.

nslookup gateway.push.apple.com
Server: 48.22.161.128
Address:    48.22.161.128#56

Non-authoritative answer:
gateway.push.apple.com  canonical name = gateway.push-apple.com.akadns.net.
Name:   gateway.push-apple.com.akadns.net
Address: 17.172.238.219
Name:   gateway.push-apple.com.akadns.net
Address: 17.172.238.221
Name:   gateway.push-apple.com.akadns.net
Address: 17.172.238.222
Name:   gateway.push-apple.com.akadns.net
Address: 17.172.238.223
Name:   gateway.push-apple.com.akadns.net
Address: 17.172.238.224
Name:   gateway.push-apple.com.akadns.net
Address: 17.172.238.227
Name:   gateway.push-apple.com.akadns.net
Address: 17.172.238.215
Name:   gateway.push-apple.com.akadns.net
Address: 17.172.238.216

Did you enable port 5223 and 443? Did you ever get your APNS working on your server? — joeharby, Mar 19 '13 at 01:01

score 1 · Accepted Answer · answered Apr 04 '12 at 14:46

1

if you are sure no firewall blocking the connection (make sure port 2195 and 2196 openned), another problem could be dns. i got the same issue like yours, check your dns again, the ip sometimes changed (seems apple using akadns), so it could be your server still cache the old record, i just query the ip is not same anymore like above, if it's dns, change your dns to google dns or other dns server.

$ nslookup gateway.push.apple.com
Server:  UnKnown
Address:  192.168.1.254

Non-authoritative answer:
Name:    gateway.push-apple.com.akadns.net
Addresses:  17.149.35.168
            17.149.35.171
            17.149.35.177
            17.149.35.172
            17.149.35.173
            17.149.35.178
            17.149.35.166
            17.149.35.169
Aliases:  gateway.push.apple.com

answered Apr 04 '12 at 14:46

chocripple

2,109
14
9

Well the server is on new IP for more then 2 weeks now. When I do the nslookup, i get the output I added in my original post. But do I need some certificate, or somehow give our server IP to apple, before i can telnet to it ? It doesn't make much sense, but it's the only option i see at the moment. – Katafalkas Apr 05 '12 at 08:28
Ok, sorry I misread ur post. I get the idea now. I ll give it a go – Katafalkas Apr 05 '12 at 08:34
So I have tried changing DNS, did not help. Also the previouse server also get the 17.172.238.0 range IP addresses after isssuing nslookup gateway.push.apple.com and the telnetting to apple work there. – Katafalkas Apr 05 '12 at 09:07
if you're nslookup, could you try telnet all those ips ?, and please try also in another server. if it's working telnet using ip on another server, mean something blocking the connection on your new server. – chocripple Apr 05 '12 at 09:39
So I have tried telnet'ing to all of those. So you are right, seems like that I am being blocked somewhere. Hosting company assured that 2195 and 2196 are open IN and OUT. So what else could be blocking it ? Do I need to specify our new server IP to apple ? maybe they are blocking us ? – Katafalkas Apr 05 '12 at 09:46
cannot be sure, could be firewall on your server, or your hosting. i don't believe apple blocking yout network. another solution is using socks proxy (in my case i was using ss5 http://ss5.sourceforge.net/) but make sure you able reach gateway.push.apple.com from there, on your apn code there should be proxy setting. – chocripple Apr 06 '12 at 02:30
Cheers for your time. In the end it was a bad firewall configuration on the hosting company, they fixed that now. – Katafalkas Apr 06 '12 at 16:55

APNS : server side configuration

1 Answers1