iOS Wi-Fi Firewall Requirements

For Apple iOS we use the device’s built-in MDM framework APIs, which are controlled via the Apple Push Notification Service (APNS). These are used to register the device, to upload information and to action commands.

To receive these push notifications, the device connects directly* to the APNS over the cellular network or Wi-Fi. To permit the APNS traffic when connecting via Wi-Fi, the following TCP ports must be open in the firewall:

| Port | Service or Protocol Name | Notes |
|------|--------------------------|-------|
| 1640 | Certificate Enrolment Server | Used for over-the-air Mobile Device Management enrolment |
| 2195 | Apple Push Notification Service | Used to send notifications to the APNS |
| 2196 | Apple Push Notification Service | Used by the APNS feedback service |
| 5223 | Apple Push Notification Service | Used by devices to communicate with APNS and receive push notifications |
| 443 | Secure Sockets Layer (HTTPS) | Used as a fallback where devices are unable to communicate with APNS on port 5223 |

* Please note: the device may be unable to use APNS if there is a proxy server on the Wi-Fi network, as APNS requires a direct and persistent connection from device to server.
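To check a Wi-Fi segment against the table above, the following added example (not part of the original page or any vendor tooling) probes each port from a host on that network and reports whether the push path is on 5223, on the 443 fallback, or blocked. The hostname is a placeholder assumption; substitute the endpoints your MDM vendor documents.

```python
import socket

# Required outbound TCP ports, taken from the table above.
REQUIRED = {
    1640: "Certificate Enrolment Server",
    2195: "APNS (send notifications)",
    2196: "APNS feedback service",
    5223: "APNS device connection",
    443: "HTTPS fallback for 5223",
}

def probe(host, port, timeout=3.0):
    """Return True if a direct TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable, or name not resolved
        return False

def assess(reachable):
    """Classify {port: bool} probe results against the table.

    5223 and 443 are judged together because 443 is only a fallback:
    'ok' on 5223, 'fallback' on 443 alone, 'blocked' on neither.
    """
    if reachable.get(5223):
        push = "ok"
    elif reachable.get(443):
        push = "fallback"
    else:
        push = "blocked"
    blocked = sorted(p for p in REQUIRED if not reachable.get(p))
    return {"push_path": push, "blocked_ports": blocked}

def check(targets, prober=probe):
    """targets maps port -> hostname; returns (assessment, raw results)."""
    results = {port: prober(host, port) for port, host in targets.items()}
    return assess(results), results

if __name__ == "__main__":
    # Placeholder hostname (assumption): replace per port with real endpoints.
    targets = {port: "mdm-endpoint.example.invalid" for port in REQUIRED}
    summary, raw = check(targets)
    for port, name in REQUIRED.items():
        print(f"{port:>5}  {name:<30} {'open' if raw[port] else 'BLOCKED'}")
    print("push path:", summary["push_path"])
```

A successful TCP connect shows only that the firewall passes the port; it does not rule out a proxy in the path, which the note above says can still prevent APNS from working.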