- Jamf Nation Community
- Products
- Jamf Pro
- Inquiry About Jamf Policy Deployment on Network-Is...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Inquiry About Jamf Policy Deployment on Network-Isolated Mac
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-17-2024 01:56 AM
Hi everyone,
I have a question. I have a batch of experimental Macs that need to be managed and registered with Jamf.
Question 1: These experimental Macs cannot connect to the internet. Is there a way to deploy policies through Jamf?
Question 2: If internet access is needed for proper deployment, I know Jamf has port information. I would like to ask experienced experts which specific ports need to be opened.
All Macs with normal internet access can receive policies correctly. I want to know how to ensure that the network-isolated Macs can also receive policies from Jamf. Thank you, everyone.
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-17-2024 02:20 AM - edited 06-17-2024 02:24 AM
For jamf to function it requires APNS, this requires internet access
https://learn.jamf.com/en-US/bundle/technical-articles/page/Network_Ports_Used_by_Jamf_Pro.html
Ports used by Apple for enterprise
https://support.apple.com/en-gb/101555
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-17-2024 05:44 AM
- Jamf even if on prem requires access to APNS on the device level. Some functions will work without the device having internet access, but not many and certainly not enough to test with.
- If you have Jamf Cloud, that is SaaS and without access to AWS forget anything working.
- Jamf and Apple both have all their ports and hosts well documented, searching the respective vendors documentation should yield all you need to know.
- I have shoved the table that I used to ensure what we need is allowed. Be warned I have not updated it in a while, and both Apple and Jamf will make updates to these hosts/ports without notice.
- I also put some relevant network links for source.
Use Apple products on enterprise networks - Apple Support
Network Ports Used by Jamf Pro - Technical Articles | Jamf
External ports needed:
Apple:
- *.apple.com – 17.0.0.0/8 block
- Ports: 80, 123, 443, 2197, 5223
- Apple notes that the entire 17.0.0.0/8 block is assigned to them.
- MacOS Updates
- ns.itunes.apple.com:443
- gnf-mdn.apple.com:443
- gnf-mr.apple.com:443
- gs.apple.com:443
- skl.apple.com:443
- appldnld.apple.com.edgesuite.net:80
- appldnld.apple.com:80
- configuration.apple.com:443
- gg.apple.com:80
- gg.apple.com:443
- gs.apple.com:80
- ig.apple.com:443
- itunes.com:80
- mesu.apple.com:80
- mesu.apple.com:443
- oscdn.apple.com:80
- oscdn.apple.com:443
- osrecovery.apple.com:80
- osrecovery.apple.com:443
- swcdn.apple.com:80
- swdist.apple.com:44
- swdownload.apple.com:80
- swdownload.apple.com:443
- swscan.apple.com:443
- updates-http.cdn-apple.com:80
- updates.cdn-apple.com:443
- xp.apple.com:443
- time.apple.com:443
- Apple traffic
- Ports 443
JAMF Pro:
- JAMF Cloud: You Jamf Cloud URL if hosted
- Ports: 80, 443, 8080, 8443
- SelfService Icons: https://ics.services.jamfcloud.com/icon/hash_64298c027ff4212de9ef53b218a42864dc375a6db956e0d4fc70b69...
- Ports: 443
- JAMF Cloud Distribution Point: use1-jcds.services.jamfcloud.com
- Ports: 443
- JAMF Cloud Distribution Point: jcds.services.jamfcloud.com
- Ports: 443
Internal ports needed:
- JAMF distribution point: \\sharedrive\JSSDP – (IP address here if static)
- Ports: 445/137-139
- Documentation: https://www.jamf.com/jamf-nation/articles/34/network-ports-used-by-jamf-pro
