Firewall openings needed to manage devices with Miradore


This article lists network requirements for managing devices remotely with Miradore.

Miradore services

Miradore services are currently behind three addresses:
This is our user interface. It is also used when entering credentials during enrollment of iOS devices.
Mobile devices use this to contact our servers.
iOS devices use this to request certificates during enrollment and certificate renewal.


Connections between push notification services and managed devices

All supported platforms have their own push notification service platforms hosted by Google, Apple and Microsoft respectively. Push notifications are needed for real-time connections to devices, for example when you deploy a configuration profile or send a wipe command, the device is waken up by a push notification. Please find below the platform specific information regarding push notifications and networking.



Ports required for Google Firebase Cloud Messaging  (FCM) are: 5228, 5229, and 5230. Google says FCM typically only uses 5228, but sometimes 5229 and 5230. FCM doesn't provide specific IPs, so you should allow your firewall to accept outgoing connections to all IP addresses contained in the IP blocks listed in Google's ASN of 15169. More information:


iOS & macOS

Apple Push Notification service (APNs) requires TCP ports 5223 and 443 to address block More information:



For Windows platform, open HTTPS port 443 to the internet.




Notice that the ports and addresses are subject to change.

Please comment below if you notice something is not working, we can then update the document with latest available information.

Please send comments to