Hey everyone,
Is anyone out there managing their iPads (with an MDM solution) over 3G MPLS? I'm just curious as to what needed to be setup for the iPad devices in regards to networking and firewall changes as they will be on an internal IP range rather than out there on the internet. I'm assuming that certain ports will need to be opened for the iPads to communicate with the outside world for APNS and Policy updates to occur?
Thanks.
iPad, iOS 5.0.1
I should clarify my request a little better. I am using an MDM to manage iPads via MPLS. I am able to enroll the devices and apply the initial payload policies to the iPads but once enrolled I can no longer update policies or remote lock the devices. I can still remove and reset the MDM agent or gather the GPS data etc though. I'm assuming it is because I have something configured not quite right in relation to the iPads communication over the MPLS.
I can put the device out on the internet and apply policies without issue.
Currently the iPads sit behind a proxy and have port 5223 open to APNS as per vendor documentation.
I cannot see any errors on the MDM agent logs, the MDM server or the firewall.
Thanks.
The site name is a bit scary, but this pdf describes the MDM protocol.
https://media.blackhat.com/bh-us-11/Schuetz/BH_US_11_Schuetz_InsideAppleMDM_WP.p df
"This paper describes how Apple’s MDM system works. It details the method by
which an MDM server initiates a connection to a managed device, how the device
enrolls with the server, and the various commands available to the system. Full
parameters are provided for each command, as well as details for specialized
responses from the device. Finally, source code is provided for a very simple MDM
server, that will permit basic experimentation with the MDM protocol using actual
iOS devices."
Robert
Thanks Robert,
The issue ended up being due to 2 problems. A missing route on the IP range that the iPads were on internally and a firewall rule. Both are fixed now and I can update policies fine 🙂
Thanks
Anthony.
iPads, MDM and MPLS
