cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MDM/Apple whitelisting on firewall/filtering

Here to help

MDM/Apple whitelisting on firewall/filtering

Hi all

 

I am at a school where I do no support their network, instead I will be setting up the MDM for their iPads.

 

Dashboard is all set up, iPads are in DEP and I am able to wipe and install profiles on to the iPads.

 

However apps are not installing on the wifi, it seems Apple ID/AppStore seems to be blocked. When trying to log in to the AppStore using my personal AppleID, it fails without an error, just returns back to the login page. 

Apps deployed via Meraki (VPP) also do not download.

 

As soon as I connect the iPad to my 4G hotspot, everything kicks in and starts working, apps install and I am able to log in to the AppStore.

 

Are there any URLs, ports etc that need to be whitelisted or unblocked for smooth working of the iPads?

 

The school is on a BT Fibre network with Smoothwall running their firewall/URL Filtering.

 

I have commissioned iPads at other schools where they are on a LGFL network and everything works without intervention.

 

I want to be able to pass information on to their network support so I can make sure that when I come to set up all of the iPads that nothing will go wrong.

 

You help will be greatly appreciated.

 

thank you.

5 REPLIES 5
Meraki Employee

Re: MDM/Apple whitelisting on firewall/filtering

Could be certain domains being blocked:

https://support.apple.com/en-us/HT201999

 

Could be ports being blocked, but this is probably less likely:

https://support.apple.com/en-us/HT203609

 

Kind of a big deal

Re: MDM/Apple whitelisting on firewall/filtering

To make Apple devices work reliably you need to allow access to Apple's whole IP address space - 17.0.0.0/8 - yep, a /8.  Allow all ports if you want your life to be simple.

Kind of a big deal

Re: MDM/Apple whitelisting on firewall/filtering

@AftabAhmad You mentioned you don't support the network, in that case have you spoken to the network engineers to see if they have blocked app store traffic on purpose?

 

I get some organisations block app store traffic in an effort to reduce bandwidth especially around the time of large OS releases, the way around this for Apple is to setup a content caching server which means the files only has to be downloaded by a single client before its hosted for everyone on that subnet.

Meraki CMNO, Ruckus WISE, Sonicwall CSSA, Allied Telesis CASE & CAI
Here to help

Re: MDM/Apple whitelisting on firewall/filtering

Weird thing is that they were using DataJar MDM before with apps being deployed, I'll have to investigate further as the iPads still have the profile on them, I'll be able to see which SSID they were connected to. It may be that the one I was connecting to after a wipe wasn't the correct one and could be filtering the AppStore/AppleID.

Here to help

Re: MDM/Apple whitelisting on firewall/filtering

Thanks for the replies, I will ask them to take a look asap before my next visit. Hopefully it all works out and goes smoothly.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels