On-Premise Installation Guide for MobileIron Core and Enterprise Connector 11.1.0.0| 19
Requirement Description Port
there is an option to do so. Otherwise, use
support.mobileiron.com to download the updates instead of
supportcdn.mobileiron.com.
l api.push.apple.com to use APNSv2.
Apple APNS and
MDM Services
Open ports and 2195, 2196, 2197 (TCP) between Core and Apple’s
APNS network (17.0.0.0/8) for support of APNS for iOS devices. If
you are not using iOS MDM, then this port is not required.
l TCP 2195:gateway.push.apple.com
l TCP 2196: feedback.push.apple.com
l TCP 2197: api.push.apple.com (optional, alternative for HTTPS
443)
HTTPS 443
TCP 2195,
2196, 2197
iOS VPP and
Windows
notification /
check-ins
Open HTTPS 443 for the following access:
https://vpp.itunes.apple.com
(Known to be redirected to: www.apple.com,
securemetrix.apple.com)
*.wns.windows.com, *.notify.windows.com
HTTPS 443
iTunes,
Maps/Location,
Windows 10,
Windows 8.1
RT/Pro Apps
Open HTTPS 443 or HTTP 80 for the following access:
l itunes.apple.com, *.phobos.apple.com, and
*.mzstatic.com for performing iTunes App Store lookups.
l https://storeedgefd.dsx.mp.microsoft.com for Windows 10
app store lookups.
l http://marketplaceedgeservice.windowsphone.com,
http://cdn.marketplaceimages.windowsphone.com for
performing Windows 8.1 store lookups,Windows 8.1 store
search, app images and services.
l https://api.mqcdn.com for locating devices (IP addresses
vary. Perform an nslookup to determine the necessary IP
addresses.)
l http://store-images.microsoft.com/image/apps
http://developer.mapquest.com
http://store-images.s-microsoft.com/image/apps for
downloading Windows apps and graphics
l http://hoedus.mobileiron.com/v1/api/ for doing Google Play
Store lookups.
HTTPS 443
HTTP 80
Traffic from Internet/Outside to Standalone Sentry
Standalone Sentry is in the DMZ
TABLE 4. EXTERNAL AND INTERNET RULES (CONT.)