Currently Being ModeratedMay 8, 2012 11:26 AM (in response to itechsolutions)
Do you have the APNS ports accessible on the server?
I have these open on TCP only 5223,2195,2196,1640
When viewing the Profile Manager interface can you see the information about the devices that are enrolled?
Whenever I add a new device to Profile Manager, I login and add a placeholder under devices and type in the name and serial number of the device and then go to the device and download the trust certificates and enroll the device. Refresh Profile Manager and the device will show up in that placeholder with all the information about it (battery percent, OS version, etc)
Currently Being ModeratedMay 8, 2012 11:34 AM (in response to cellcore)
I have opened those ports on the firewall to the server. When added I do see the device and the information for the device. I have not tried to add a place holder before joining the device, I will remove the device and then try to enroll the same steps as above and respond.
Currently Being ModeratedMay 8, 2012 11:46 AM (in response to itechsolutions)
We also have enabled Apple Push Notifications in Server.app using the supplied Apple certificate.
I don't know if Profile Manager will work without it, since when we started enrolling devices it was on.
Currently Being ModeratedMay 8, 2012 1:54 PM (in response to cellcore)
I tried enrolling the other still no luck...they all enroll but when I push a command it just says sending and never completes. I do have the Apple Push Noticifations enabled in the Server.app and have went through the process online with apple to create one.
Is there a way to test that is working?
Currently Being ModeratedMay 8, 2012 2:04 PM (in response to itechsolutions)
Can you double check on the iPad under Settings -> General -> Profiles.
There should be a Trust Profile and it should say Verified when you click on it.
And then Remote Management should say Verified as well.
On our iPads/iPhones there is Settings for Device and then Settings for User in the same area.
If that all looks good I would take a look at network settings.
Currently Being ModeratedMay 8, 2012 2:09 PM (in response to cellcore)
Both are there and say verified, I am getting close to formatting and starting again however I might run into the same issue.
The network is on a DMZ with the ports open. I do not have DNS on the LION but do have a public DNS pointer to it and a internal Windows DNS server. All the lookups seem to function with no problems.
Currently Being ModeratedMay 8, 2012 2:29 PM (in response to itechsolutions)
The DNS not on Lion server is not a problem, I'm using DNS on a Linux server without problem.
Is there any way you can move Lion server out of the DMZ and onto the trusted internal network and then put the devices on wifi inside the internal network just for a test? That would get you direct connect to Lion server.
Currently Being ModeratedMay 8, 2012 4:29 PM (in response to cellcore)
I changed the IP and moved it internal and tested the iPad on the internal wireless and it seemed to work. Does this mean the port fowarding is not working?
Currently Being ModeratedMay 8, 2012 6:09 PM (in response to itechsolutions)
I would check those first.
I don't have a lot of experience with DMZ setups, but if you are using an Untangle or Juniper box I could try and point you in the right direction.
Currently Being ModeratedMay 9, 2012 9:13 AM (in response to cellcore)
Thanks for al your help! It was the ACL Rules on the ASA!
Currently Being ModeratedJun 20, 2012 9:20 AM (in response to itechsolutions)
Gmail does not support PUSH notifications. I tried different things but only one thing worked for my iPad! Check out this video @ http://www.youtube.com/watch?v=g107DStzN8Y