Miradore Management Suite Portal

Knowledge base

Knowledge base

Self-service support

Firewall openings needed to manage devices with Miradore

This article lists network requirements for managing devices remotely with Miradore.

Miradore services

Miradore services are currently behind three addresses:

online.miradore.com
This is our user interface. It is also used when entering credentials during enrollment of iOS devices.

gateway.miradore.com
Mobile devices use this to contact our servers.

ejbca.miradore.com
iOS devices use this to request certificates during enrollment and certificate renewal.

 

Connections between push notification services and managed devices

All supported platforms have their own push notification service platforms hosted by Google, Apple and Microsoft respectively. Push notifications are needed for real-time connections to devices, for example when you deploy a configuration profile or send a wipe command, the device is waken up by a push notification. Please find below the platform specific information regarding push notifications and networking.

 

Android

Ports required for Google Firebase Cloud Messaging  (FCM) are: 5228, 5229, and 5230. Google says FCM typically only uses 5228, but sometimes 5229 and 5230. FCM doesn't provide specific IPs, so you should allow your firewall to accept outgoing connections to all IP addresses contained in the IP blocks listed in Google's ASN of 15169. More information: https://firebase.google.com/docs/cloud-messaging/concept-options#messaging-ports-and-your-firewall

 

iOS & macOS

Apple Push Notification service (APNs) requires TCP ports 5223 and 443 to address block 17.0.0.0/8. More information: https://support.apple.com/en-us/HT203609

 

Windows

For Windows platform, open HTTPS port 443 to the internet.

 

 

 

Notice that the ports and addresses are subject to change.

Please comment below if you notice something is not working, we can then update the document with latest available information.


Please send comments to contact@miradore.com.