Each Lion Server service has a standard port associated with it. For example, the default port for IMAP e-mail is TCP port 143. When used with SSL encryption, the default IMAP port is TCP 993. Some services have a range of ports. Web service defaults to TCP 8080, but has a range of TCP 8000–8999 that you can use.

A firewall filters incoming traffic by software port (a setting identified by a port number) and by port type: TCP (Transmission Control Protocol) or UDP (User Datagram Protocol). A port can be open, which allows traffic to come through, or closed, which blocks traffic.

If you’re configuring a firewall that’s not on Lion Server, take a look at the list of the default port numbers used by Lion Server. You also use these port numbers if you’re doing port forwarding for an Internet router. Of course, a firewall on Lion Server also uses these numbers, but Server Admin lists Lion’s services by name, as well as the numbers, so all you need to do is select them.

Apple has a more extensive list of ports that Apple networking software uses.

| Service | Port Number | Port Type |
|---|---|---|
| Address Book Server | 8008 | TCP |
| Address Book Server with SSL | 8443 | TCP |
| File-sharing AFP | 548 | TCP |
| File-sharing SMB | 139 | TCP |
| iCal Server | 8008 | TCP |
| iCal Server with SSL | 8443 | TCP |
| iChat Server | 5222 | TCP |
| iChat Server with SSL | 5223 | TCP |
| iChat server-to-server | 5269 | TCP |
| iChat Server file transfer | 7777 | TCP |
| iChat local | 5678 | UDP |
| iChat audio/video RTP and RTCP | 16384–16403 | UDP |
| Mail, SMTP standard | 25 | TCP |
| Mail service SMTP submission | 587 | TCP |
| Mail service IMAP | 143 | TCP |
| Mail clients IMAP with SSL | 993 | TCP |
| Mail service POP3 | 110 | TCP |
| Mail clients POP3 with SSL | 995 | TCP |
| Profile Manager services | Same as web HTTP, HTTPS | TCP |
| Remote login SSH (Secure Shell) | 22 | TCP |
| Screen sharing (VNC) | 5900 | TCP |
| VPN L2TP IKE NAT Traversal | 4500 | UDP |
| VPN L2TP ESP (firewall only) | IP protocol 50 | n/a |
| Web service HTTP | 80 or 8080 | TCP |
| Web service HTTPS with SSL | 443 | TCP |
| Web service custom website | 8000–8999 | TCP |
| Wiki, web calendar, webmail | Same as web HTTP, HTTPS | TCP |
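When the firewall is a separate device, its rule set can drift from what the server actually runs. The following added example (not from the original page or from Apple) compares a firewall's open port ranges against the ports in the table for the services you have enabled, reporting needed ports that are closed and open ports that no enabled service uses. The service keys, function names, and sample rules are assumptions made for illustration.

```python
# Ports copied from the table above (subset); service keys are hypothetical labels.
LION_PORTS = {
    "ssh":   [("tcp", 22, 22)],
    "smtp":  [("tcp", 25, 25), ("tcp", 587, 587)],
    "imap":  [("tcp", 143, 143)],
    "imaps": [("tcp", 993, 993)],
    "vnc":   [("tcp", 5900, 5900)],
    "ichat": [("tcp", 5222, 5223), ("tcp", 5269, 5269), ("tcp", 7777, 7777),
              ("udp", 5678, 5678), ("udp", 16384, 16403)],
    "addressbook": [("tcp", 8008, 8008), ("tcp", 8443, 8443)],
    "ical":  [("tcp", 8008, 8008), ("tcp", 8443, 8443)],
}

def subtract(ranges, holes):
    """Return the parts of `ranges` (inclusive lo, hi) not covered by `holes`."""
    out = set()
    for piece in ranges:
        pieces = [piece]
        for hlo, hhi in holes:
            nxt = []
            for lo, hi in pieces:
                if hhi < lo or hlo > hi:       # hole misses this piece
                    nxt.append((lo, hi))
                    continue
                if lo < hlo:                   # keep the part below the hole
                    nxt.append((lo, hlo - 1))
                if hhi < hi:                   # keep the part above the hole
                    nxt.append((hhi + 1, hi))
            pieces = nxt
        out.update(pieces)
    return sorted(out)

def audit(enabled, open_rules):
    """Compare firewall openings with what the enabled services need."""
    report = {}
    for proto in ("tcp", "udp"):
        need = [(lo, hi) for s in enabled for p, lo, hi in LION_PORTS[s] if p == proto]
        have = [(lo, hi) for p, lo, hi in open_rules if p == proto]
        report[proto] = {"blocked": subtract(need, have),  # needed but closed
                         "excess": subtract(have, need)}   # open but unused
    return report

# Constructed sample: rules exported from a hypothetical external firewall.
SAMPLE_RULES = [("tcp", 22, 22), ("tcp", 143, 143), ("tcp", 993, 993),
                ("tcp", 5000, 6000), ("udp", 16384, 16403)]

if __name__ == "__main__":
    for proto, result in audit(["ssh", "imaps", "ichat"], SAMPLE_RULES).items():
        print(proto, result)
```

In the sample, the broad TCP 5000–6000 opening covers the iChat ports but leaves most of that range exposed for no service, which is the kind of excess worth closing.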