GCM & APNs uses different ports to connect their own Push notification service. If your organization has firewall, that restrict the traffic to the internet. Therefore, you will need to allow or open the ports to access GCM, APNs.
The ports to opens to access Google Cloud Message (GCM) service.
Allow TCP/UDP Ports – 443, 5228, 5229, and 5230 base on destination in firewall outgoing rule.
If you want increase the security in LAN or WIFI in your organization, you can use IP address as well.
Network -: Google’s ASN of 15169.
The ports to opens to access APNs service.
Allow TCP ports – 2195, 2196 and 5223 based on destination in firewall outgoing rule.
The port 5223 used by devisees to get notification from the APNs server. If your device access the APNs, servers through Wi-Fi instead of cellular data & firewall has restricted the TCP Port 5223 via Wi-Fi, the APNs services alternatively use the TCP port 443.
If you want to increase the security in LAN or WIFI in your organization, you can use IP address as well.
Network -: The entire 220.127.116.11/8
Please note I tested the port configuration in my LAB environment & it worked successfully.