NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Netgear Parental Controls not blocking iMessages
Pausing internet with Netgear Parental Controls (Bedtime, Off Time, and manually pausing) successfully blocks http/s traffic but is allowing iMessages on wifi-only (NOT cell-enabled) Apple devices - ...
Already tried blocking specific TCP/UDP ports, but definitely not a feasible or long-term solution. Again, I'd expect that pausing internet would mean . . . pausing internet (ALL 65,535 ports). I'm hoping that Netgear is monitoring the community messages and will see that the new SPC subscription service contains a major flaw and gap.
You'll have to contact Apple and see if iMessages can be blocked or not. iMessage is SMS and Text messages app that is also tied and connects to Cell phoneservices. So even if WiFi router blocked iMessages, the app will switch to cell services which is its main conenction to the text and messages services thru cell services. Something no wifi router mfr has control over. This is not a flaw in NG products.
bspennington wrote:
Already tried blocking specific TCP/UDP ports, but definitely not a feasible or long-term solution. Again, I'd expect that pausing internet would mean . . . pausing internet (ALL 65,535 ports). I'm hoping that Netgear is monitoring the community messages and will see that the new SPC subscription service contains a major flaw and gap.
There are no cell services associated with the devices that I'm trying to limit. An iPod, for example, is wifi only. If NG SPC were to pause all internet traffic, as implied by "pause internet", iMessages would not work.
My understanding of Parental Controls is truly primitive. For example, it is not clear to me whether Parental Controls apply to "only internet traffic", or to both internet and LAN traffic. My guess is that 99% of customers have no local resources for minors to use and thus the intent is probably "only internet".
Apple iMessage is also confusing because it seems to use ports 80, 443, and 5223. The issue could be as simple as Negear forgot to block TCP port 5223. That can be done easily with the Orbi "Block Sites" feature, but the on/off issue remains. My research into iMessage is inconsistent: there are places that say the connection with Apple is on port 5223, but then other places mention if 5223 is not available is uses 80 and 443. Very confusing.
There is also the aspect that iMessage employs the Apple Push Notification System (APNS) on port 5223. When a device connects to a network, it opens an APNS tunnel to Apple servers. I wonder, maybe the issue is that SPC blocks creation of new connections, but does nothing about existing connections. if those Apple devices (iPod, for example) disconnect from the network and then reconnect (or do a power off/on), do they continue to get iMessages when SPC has them "off the internet"??
Normal web traffic, for example, does not maintain long term connections. A typical web page may open 100 URL's as separate connections. In the beginning of the web, this was one of the design goals that frustrated people so much: no persistant connections. The whole business of cookies came about in order to track session status.
Besides the iPod, another way to test this theory would be to put a random Internet of Things (IoT) device in an SPC pool. Those devices open a connection to the cloud that stays open as long as the device is powered on. When a user wants to control the device, their smartphone app makes a connection to the cloud, which uses that open connection to reach the device.
Of course, none of my rambling solves the underlying problem. I would appreciate if you could test the "open connection" theory.
Thats the thing, iMessages is tied to cell services. When in wifi mode it will connect to wifi and go out that way, however will revert to using cell services if it can't connect via wifi or is blocked.
Seems only way to block it is at the ISP level:
https://www.wikihow.com/Block-Text-Messages
FURRYe38 wrote:
Thats the thing, iMessages is tied to cell services. When in wifi mode it will connect to wifi and go out that way, however will revert to using cell services if it can't connect via wifi or is blocked.
This may be the case with devices which have cellular connections, such as iPhones. An iPad or iPod with no cellular modem cannot possibly do that. My wife's iPad is a "WiFi only" model, yet iMessage works. Blocking port 5223 or blocking the Apple IP domain would work, but are not practical to turn on and off on a whim.
