We are using iPads as thin clients to a local server.
We would like to prevent all internet access EXCEPT we would like to allow it to receive iOS updates from Apple.
I have already established a blocking mechanism; the trick is knowing what resources the iOS needs to get updates so I can allow that through the firewall.
Thanks!
Most want to prevent ios updates 😉.
schoolofluck writes:
"Our school is now blocking iOS7 by blocking Apple's ios7 update.
We use opendns to block everything from apple's subdomain." mesu.apple.com
post:
https://discussions.apple.com/thread/5379636?start=20&tstart=0
AndyBeaver writes:
We were able to prevent our students from installing iOS 7 by blocking through DNS and our web filter this address.
http://mesu.apple.com/assets/com_apple_MobileAsset_SoftwareUpdate/com_apple_Mobi leAsset_SoftwareUpdate.xml
AndyBeaver's post:
Thanks for taking the time to reply, but I didn't ask how to block. I already have a blocking mechanism in place. I need to allow updates through.
I tried allowing apple.com but even their home page wouldn't load.
Thanks for taking the time to reply, but I didn't ask how to block. I already have a blocking mechanism in place. I need to allow updates through.
Think.
I tried allowing apple.com but even their home page wouldn't load.
I think you have a different problem. Perhaps port 80 is blocked. Perhaps some other router in your network is blocking apple.com.
A diagnostic app might be of help. You need to do a trace route on apple.com Goto a public library to install.
https://itunes.apple.com/us/app/network-ping-lite/id289967115
https://itunes.apple.com/us/app/inettools-network-diagnose/id561659975?mt=8
Here are some common ports used by apple.
http://support.apple.com/kb/TS1629
mybe your dns server is blocked.
I like to use google for my dns server
8.8.8.8 or 8.8.4.4
ping google.
ping 74.125.228.2
apple like to run incognito so you will not see much with trace route
That is not the case either. I have all services open outbound to apple.com. DNS is local and responding fine. I can ping apple.com and it resolves the IP. (I know it won't respond to ICMP requests)
This isn't my first rodeo. I just need to know what web resources are required for apple to update the iOS.
Not trying to frustrate anyone but I havent received any information pertaining to my question. Were I having basic issues with other sites I would have resolved those before posting.
If no one knows then I will just advise the client that Apple is unwilling or does not know the answer.
I look forward to any help that addresses my issue.
Locking down iPad internet access, but allow iOS updates
