OK well here we go. Here is the setup that I have. I have our openfire server in our DMZ, for safety sake we are trying to lock down as many ports as we can for communication. We have port 5222 open obviouslly for communication internal and external from the network and from what we can tell that is all that we need. Since that did not work quite right we had to open ports 389 and 88 to the internal network to query active directory.
After that we could log in and everything seemed OK except when we tried to add a contact we could not. We could search for them but when we tried to add them spark would log out and then connect again and an error would pop up saying Cannot add contact. So as a test we opened every port and then everything worked perfectly. So to see what was happening here, on our firewall I did a packet check and noticed that when I logged in to Spark there was a port that accompanied the 5222 port, the bad part is that it was very random. I logged in and out of spark about a dozen times and each time it had a diffrent port with the 5222 and it ranged from 1500-1800.
Now here is my question, where does this second random port come from and what does it do?