APN issue

jarradyuhas
Contributor

Currently, we are able to create configuration profiles and have them pushed to computers outside of the network but not to computers that are on our internal network. I assume that this means that we have an issue with APNs connecting to our internal computers. Anyone know what we would need to unblock on our firewall for this to work?

Bukira
Contributor

I think you need to allow the APN ports through your firewall to your clients.

jarradyuhas
Contributor

I do currently allow all traffic to all internal clients from any external address from TCP ports 5223, 2195 and 2196 for testing purposes, so it should work as long as those are the ports used.

NickKoval
Contributor

Every client needs to be able to reach the JSS over 8443. They also need to be able to reach Apple (17.0.0.0/8) over 5223. The JSS needs to be able to reach Apple over 2195 and 2196.

With push notifications, clients have to make an outbound connection which then persists and data from Apple comes back down the open pipe. It's possible that your corporate firewall allows outbound traffic, but blocks what is called established traffic. Both need to work for push notifications.

ericbenfer
Contributor III

Unable to use Apple Push Notification service (APNs)
http://support.apple.com/kb/TS4264

This is a great tool for troubleshooting APNS from the server.
http://twocanoes.com/push-diagnostics/
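
An added example, not part of the original thread: a small Python probe for the outbound flows NickKoval lists, to be run on a client or on the JSS, that separates a silently dropped connection from a refused one. The hostnames are placeholders (assumptions); substitute your JSS address and the Apple push hosts your firewall rules cover.

```python
import errno
import socket
import sys

# Flows from NickKoval's reply, keyed by the machine that must originate them.
# Hostnames are placeholders (assumptions, not from the thread).
REQUIRED_FLOWS = {
    "client": [("jss.example.com", 8443), ("apple-push.example.com", 5223)],
    "jss": [("apple-push.example.com", 2195), ("apple-push.example.com", 2196)],
}


def probe(host, port, timeout=3.0):
    """Try one outbound TCP handshake and classify the result.

    open        handshake completed: the SYN and the returning SYN-ACK both passed
    refused     an RST came back: the path works but nothing is listening
    filtered    no answer before the timeout, typical of a firewall drop
    unreachable the network reported no route to the host
    unresolved  the name did not resolve
    error       any other socket failure
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        return "filtered"
    except ConnectionRefusedError:
        return "refused"
    except socket.gaierror:
        return "unresolved"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        return "error"


def check_role(role, flows=REQUIRED_FLOWS, timeout=3.0):
    """Probe every flow `role` must originate; return only the ones not open."""
    states = {(h, p): probe(h, p, timeout) for h, p in flows[role]}
    return {target: state for target, state in states.items() if state != "open"}


if __name__ == "__main__":
    role = sys.argv[1] if len(sys.argv) > 1 else "client"
    for (host, port), state in sorted(check_role(role).items()):
        print(f"{host}:{port} -> {state}")
```

A result of `open` only shows that the handshake passes in both directions; it does not show that the firewall keeps a long-lived idle connection alive.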