Android FCM-防火墙的IP和端口是什么? [英] Android FCM - What are the IPs and Ports for firewall?

问题描述

我们在受限环境中的服务器需要将通知推送到随我们的应用程序一起安装的设备上.我们在开放环境中尝试了推式客户端，并且该方法成功了.但是，当移至我们的服务器时，由于防火墙阻塞而导致网络错误.

Our server in a confined environment need to push notification out to devices installed with our apps. We tried our push client on an open environment and it worked. However when moved to our server, there are network error due to firewall blockage.

基于google文档:

Based on google documents:

如果您的组织有防火墙将流量限制为或 从Internet，您需要对其进行配置以允许与 FCM，以便您的Firebase Cloud Messaging客户端应用程序接收 消息.打开的端口是:5228、5229和5230.通常是FCM 仅使用5228，但有时使用5229和5230.FCM不使用 提供特定的IP，因此您应该允许防火墙接受 与IP块中包含的所有IP地址的传出连接 列在Google的15169的ASN中.

If your organization has a firewall that restricts the traffic to or from the Internet, you need to configure it to allow connectivity with FCM in order for your Firebase Cloud Messaging client apps to receive messages. The ports to open are: 5228, 5229, and 5230. FCM typically only uses 5228, but it sometimes uses 5229 and 5230. FCM doesn't provide specific IPs, so you should allow your firewall to accept outgoing connections to all IP addresses contained in the IP blocks listed in Google's ASN of 15169.

但是，我们实际上正在使用具有以下URL的HTTP协议进行推送:

However, we are actually pushing using the HTTP protocol with the following URL:

https://fcm.googleapis.com/fcm/send

这是否意味着要打开的端口现在是443而不是5228?

Does that means the port to open is now 443 instead of 5228?

我们还需要配置主机，因为安全团队不允许我们连接到域.从上面的段落来看，所有IP地址都在ASN 15169中，而我只能在此处

Also we will need to configure the host as well because the security team does not allow us to connect to the domain. From the paragraph above, all IP addresses is in the ASN 15169, and i had only managed to find a list here

任何有此经验的人都可以指点一下?谢谢.

Anyone with experience with this can give a pointer? Thank you.

推荐答案

这是否意味着打开的端口现在是443，而不是5228?

Does that means the port to open is now 443 instead of 5228?

接收消息

您应该按照文档打开5228、5229和5230. >.

To receive messages

You should open 5228, 5229 and 5230 as per the documentation.

FCM不提供特定的IP，因为我们的IP范围更改太频繁，并且您的防火墙规则可能会过时，从而影响您的用户体验. 理想情况下，您将白名单5228-5230不受IP限制.

FCM doesn't provide specific IPs because our IP range changes too frequently and your firewall rules could get out of date impacting your users' experience. Ideally, you will whitelist ports 5228-5230 with no IP restrictions.

但是，如果必须具有IP限制，则应将 Google的ASN为15169 .这是一个很大的列表，您应该计划每月更新规则.

However, if you must have an IP restriction, you should whitelist all of the IP addresses in the IPv4 and IPv6 blocks listed in Google's ASN of 15169. This is a large list and you should plan to update your rules monthly.

这篇关于Android FCM-防火墙的IP和端口是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！