iOS Wi-Fi Firewall Requirements

For Apple iOS we utilize the device’s in-built MDM framework APIs which are controlled via the Apple Push Notification Service (APNS). These are used to register the device, upload information as well as action commands.

To receive these push notification the device connects directly* to the APNS over the cellular network or Wi-Fi and to permit the APNS traffic when connecting via Wi-Fi, the following TCP ports must be open in the firewall:


Service or Protocol Name



Certificate Enrolment Server

Used for over the air Managed Device Management enrolment


Apple Push Notification Service

Used to send notifications to the APNS


Apple Push Notification Service

Used by the APNS feedback service


Apple Push Notification Service

Used by devices to communicate to APNS and receive push notifications


Secure Sockets Layer (HTTPS)

Used as a fallback where devices are unable to communicate with APNS on port 5223

* Please note, the device may be unable to use APNS if there is a proxy server on the Wi-Fi network as APNS requires a direct and persistent connection from device to server.