powered by Jive Software

Open further ports for Openfire to connect with

Hi there,

as default openfire has two ports to connect with - 5222 and 5223. Is it possible to open a third port to connect with, e.g. port 80 or 443?



Openfire does not run as root, so ports <1024 are not possible. And it’s also not possible to open multiple ports for one protocol.

I’m not sure if one did mention some month ago that with Linux and iptables it’s possible to mirror port 443 to 5223.


For me, it is not possible… But i do not need another port anymore

Can anyone hint me in the general direction of a software that lets me map ports on Windows to allow this? It needs to be run as a service, and be able to forward ports such as 8080 to 5222. The reason is that some ports seem to be blocked with some cell phone providers, except for the usual 80, 443, 8080 and a few others, and we have people that need to access my Openfire server from their cellphones.

Thanks in advance

Hi Noccy,

I wonder whether you have Openfire running on a Windows server which is not behind a firewall. So you may ask your firewall admin to do this mapping for you.


I am the admin, and the server is a Win2K server. The firewall that’s running is software, and not hardware; ‘wipfw’, which to my knowledge doesn’t support remapping of ports on windows yet.

Any other ideas?

Hi Noccy,

what about using a Connection Manager? You could start as many instances as needed using unique ports and forwarding the traffic to Openfire. Anyhow I don’t know whether it runs as a service like Openfire-service on Windows.


If you’re hosting Openfire server on Linux (I am on Ubuntu), there’s an easy way to do this.

Using the following commands sets your iptables to redirect a port to another (effectively mirroring the original port), and it’s tested and works well with Openfire.

For Openfire, I needed to also have port 15222 (or another port on the same server) point to 5222 (internally) but Openfire could not bind to multiple ports…

I fixed with the following:

In Linux CLI input:

iptables -t nat -A PREROUTING -p tcp --dport 15222 -j REDIRECT --to-ports 5222


Test and connect, and all features/functions work as expected, and should stay persistant after server reboot.


Glenn Geller

VDO-Ph International