OSX Lion Server Router Set Up

 

One of the main functions of your network router is to direct traffic for common services, such as web browsing and mail, into and out of your network. Until the router is properly configured, many services are blocked by default. This is actually a good thing: the router is doing exactly what it is meant to do, which is to protect your network from potential threats and intrusions.

In order to allow OS X Lion Server’s services to pass between the internal private network and the external public network, we need to set up port forwarding. This process opens up ports on the router to allow more services to work in your home or business network.

 

Step One: Get a Static IP Address and Domain Name

 

Make sure to set up a static IP (Internet Protocol) address for your Mac. This is a unique address on your local network that does not change. Having a static IP allows the router to forward services to the computer that hosts them.

In most cases your Mac will have a dynamic IP address. Dynamic addresses change periodically, usually when you reset your router, while static IP addresses always stay the same.

 

 

To change the IP address of your Mac:

  • Go to System Preferences > Network
  • Click on your Wi-Fi connection method in the top right-hand corner.
  • If you are connected to the Internet via Wi-Fi, select AirPort.
  • Once you have selected your connection method, click “Advanced”.

 

 

This will open a new dialog. From here:

  • Click the TCP/IP tab
  • Select “Using DHCP with manual address” from the “Configure IPv4” drop-down menu.

You will now need to enter a static address for your Mac in the IPv4 Address field. This number will typically begin with the first three segments of the address shown in the Router field, but you will have to enter a new number for the last segment. For example, if your router address is 192.168.1.1, a possible address you could use is 192.168.1.19. Do not use an address that is identical to another system's, as this can cause network connectivity problems.

Note what you have designated as the static IP address, because you will need it later. Next, click OK and then save the changes.
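A check for the address choice described above, as an added example that is not part of the original page: it confirms a candidate sits in the router's network, is not the router, and is not already held by another system. The ARP listing is a constructed sample in the style of `arp -a` output, and the function names and the 255.255.255.0 netmask default are assumptions.

```python
import ipaddress
import re

# Constructed sample in the style of macOS `arp -a` output (not from a real network).
ARP_SAMPLE = """\
? (192.168.1.1) at 0:1e:52:aa:bb:cc on en1 ifscope [ethernet]
? (192.168.1.12) at 0:23:df:11:22:33 on en1 ifscope [ethernet]
? (192.168.1.19) at 0:26:bb:44:55:66 on en1 ifscope [ethernet]
"""

def addresses_in_use(arp_output):
    """Collect the IPv4 addresses that currently have an ARP entry."""
    found = re.findall(r"\((\d{1,3}(?:\.\d{1,3}){3})\)", arp_output)
    return {ipaddress.ip_address(a) for a in found}

def check_static_address(candidate, router, netmask="255.255.255.0", arp_output=""):
    """Return the reasons a candidate address is unsuitable (empty list = usable)."""
    net = ipaddress.ip_network(f"{router}/{netmask}", strict=False)
    addr = ipaddress.ip_address(candidate)
    problems = []
    if addr not in net:
        problems.append(f"{addr} is outside the router's network {net}")
    elif addr in (net.network_address, net.broadcast_address):
        problems.append(f"{addr} is the network or broadcast address of {net}")
    elif addr == ipaddress.ip_address(router):
        problems.append(f"{addr} is the router's own address")
    elif addr in addresses_in_use(arp_output):
        problems.append(f"{addr} already has an ARP entry; another system is using it")
    return problems

if __name__ == "__main__":
    for candidate in ("192.168.1.19", "192.168.1.50", "192.168.2.19"):
        result = check_static_address(candidate, "192.168.1.1", arp_output=ARP_SAMPLE)
        print(candidate, result or "OK")
```

A missing ARP entry only shows that the address is idle right now; picking one outside the range your router hands out by DHCP avoids a collision later.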

 

Apple Airport Extreme

Apple’s Airport Extreme router sets up port forwarding automatically when Lion Server detects an Airport Extreme on the network.

You can see how the ports are opened by the server when you access an Airport Extreme base station through Airport Utility (see below).

 

Airport utility and the Apple routers on your network      

 

                      

When you select a router, you can see ports opened automatically by Lion server

 

 

 

Port Forwarding for Other Routers

Most routers on the market use a web interface to change their settings, so each manufacturer will have a slightly different interface and approach to changing these settings.

 

 

Configuring Port Forwarding On Your Router

The next step is to configure port forwarding on the network router. Port forwarding tells the router to send connections that arrive on a given port of your home or business Internet connection to your Mac.
This example uses an AirPort Extreme router to configure the port forwarding, but you can do this on almost any router that you may already own.

 

 

Port Forwarding:

 

  • Open AirPort Utility on your Mac
  • Click on your AirPort router in the sidebar
  • Click the Manual Setup button

Once in manual setup mode, go to:

  • Internet > NAT > Configure Port Mappings
  • Click the plus (+) button to add a new port forwarding service

NAT

  • The Network Address Translation service handles port forwarding, enabling one IP address to host many different services. This is another service usually handled by routers: it’s the reason why multiple computers and other devices can access the Internet despite having only one IP address (to see your true IP address, as opposed to the IP address assigned to your device by your router, you can use a service like whatismyip.com or IP Chicken).

 

The Port Mapping Setup Assistant will show a drop-down menu, allowing configuration of several settings.

 

  • Service drop-down menu → default selection (“Choose a service”)
  • Public UDP Port → 9091
  • Public TCP Port → 9091
  • Private UDP Port → 9091
  • Private TCP Port → 9091

 

Some Common Ports to Open on Lion Server

Which ports you need to open depends on which services you want to cross your network. An example from Mac Forums’ louishen:

Service                                           Port number     Protocol

Address Book Server
  Address Book Server                             8800            TCP
  Address Book Server SSL                         8843            TCP

File Sharing
  File sharing (Apple AFP)                        548             TCP
  File sharing (Windows SMB/CIFS)                 161             TCP

iCal Server
  iCal Server                                     8008            TCP
  iCal Server using SSL                           8443            TCP

iChat Server
  iChat Server                                    5222            TCP
  iChat Server using SSL                          5223            TCP
  iChat Server, server-to-server connection       5269            TCP
  iChat Server’s file transfer proxy              7777            TCP

Mail Server
  Mail: IMAP                                      143             TCP
  Mail: IMAP using SSL                            993             TCP
  Mail: POP3                                      110             TCP, UDP
  Mail: POP3 using SSL                            995             TCP, UDP
  Mail: SMTP legacy SSL submission                465             TCP
  Mail: SMTP standard                             25              TCP, UDP
  Mail: SMTP submission                           587             TCP

Remote connection
  Remote connection SSH (Secure Shell) *          22              TCP, UDP
  Remote Management (Apple Remote Desktop)        3283, 5900      TCP, UDP

Web service
  Web service HTTP                                80 or 8080      TCP
  Web service HTTPS (secure web service via SSL)  443             TCP

Screen sharing
  Screen sharing VNC                              5900            TCP

Virtual Private network
  VPN L2TP ISAKMP/IKE                             500             UDP
  VPN L2TP                                        1701            UDP
  VPN L2TP IKE NAT Traversal                      4500            UDP
  VPN L2TP ESP (firewall only)                    IP protocol 50  n/a
  VPN PPTP                                        1723            TCP

* Do not enable SSH if at all possible. Computer techs sometimes use it for terminal access to remote computers, but SSH can attract hackers.
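One way to review a list of planned port mappings against the table and the SSH note above before entering them on the router (an added example, not from the original page or from louishen's post). The port and protocol data is copied from the table; the `PLANNED` list, the server address and the function name are constructed for illustration.

```python
# Added example: review planned port mappings before entering them on the router.
# Ports and protocols are copied from the table above; PLANNED and the server
# address are constructed sample values.
SERVICES = {  # public port: (service, protocols the table lists for it)
    22: ("SSH", {"TCP", "UDP"}),
    25: ("SMTP", {"TCP", "UDP"}),
    80: ("HTTP", {"TCP"}),
    110: ("POP3", {"TCP", "UDP"}),
    143: ("IMAP", {"TCP"}),
    443: ("HTTPS", {"TCP"}),
    993: ("IMAP SSL", {"TCP"}),
    995: ("POP3 SSL", {"TCP", "UDP"}),
    8008: ("iCal", {"TCP"}),
    8443: ("iCal SSL", {"TCP"}),
}
# Unencrypted port -> SSL counterpart listed beside it in the table.
SSL_SIBLING = {80: 443, 110: 995, 143: 993, 8008: 8443}

PLANNED = [
    {"public_port": 443, "proto": "tcp", "private_ip": "192.168.1.19"},
    {"public_port": 143, "proto": "tcp", "private_ip": "192.168.1.19"},
    {"public_port": 22, "proto": "tcp", "private_ip": "192.168.1.19"},
    {"public_port": 8443, "proto": "udp", "private_ip": "192.168.1.19"},
    {"public_port": 993, "proto": "tcp", "private_ip": "192.168.1.23"},
]

def review_mappings(mappings, server_ip):
    """Return (public_port, proto, finding) tuples for mappings worth a second look."""
    findings = []
    for m in mappings:
        port, proto, target = m["public_port"], m["proto"].upper(), m["private_ip"]
        if target != server_ip:
            findings.append((port, proto, f"targets {target}, not the server at {server_ip}"))
        if port not in SERVICES:
            findings.append((port, proto, "not in the service table; confirm it is needed"))
            continue
        name, listed = SERVICES[port]
        if proto not in listed:
            findings.append((port, proto, f"{name} is not listed for {proto}; drop this mapping"))
        if port == 22:
            findings.append((port, proto, "SSH is exposed; the note above advises against it"))
        if port in SSL_SIBLING:
            findings.append((port, proto, f"{name} is unencrypted; prefer port {SSL_SIBLING[port]}"))
    return findings

if __name__ == "__main__":
    for port, proto, finding in review_mappings(PLANNED, "192.168.1.19"):
        print(f"{proto} {port}: {finding}")
```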

Here is an example of the ports that are opened on the Netgear router from Mac Forums’ louishen.

Outbound ports

 

 

 

Inbound ports

 

After completing these settings, click the Continue button. On the next screen, give your port mapping a description, then click Done. Click the Update button when you are done configuring the router. At this point your router will restart, so make sure to save your settings.

So, with the router set up to let through all the services your network server is going to use, you can now download and install Lion Server.