Apple Push Notification Service is not working even though TCP Port 2195 and 2196 are open for outbound traffic on the firewall.

book

Article ID: 48569

calendar_today

Updated On:

Products

CA Mobile Device Management

Issue/Introduction

Description:

SYMPTOM:

In the APNSProvider Traces following error can be found:

20090930T160731.520|1| - Feedback Error: A connection attempt failed because the connected party did not properly respond after a period of time,or established connection failed because connected host has failed to respond 17.149.32.50:2196

Solution:

CAUSE:

The Apple Push Notification Service (APNS) requires TCP Port 2195

for the Data Channel, TCP Port 2196 for the Feedback Channel and TCP Port 5223 must be open on any firewalls between the device and the Internet for Wi-Fi Only devices in order to work.

In this case TCP Port 2196 was not opened for outbound traffic.

SOLUTION:

Open TCP Port 2196 for outbound network traffic from the CA MDM Server (CA MDM Server Farm Master if running an CA MDM Farm) directly to the Internet.

MORE INFORMATION:

From Apple Developer article:

http://developer.apple.com/library/ios/#technotes/tn2010/tn2265.html

IP Address Range Used by the Push Service Push providers and iOS devices are often behind firewalls.

To send notifications, you will need to have TCP port 2195 open.

To reach the feedback service, you will need to have TCP port 2196 open.

Devices connecting to the push service over Wi-Fi will must have

TCP port 5223 opened on any firewalls between the device and the Internet open.

The IP address range for the push service is subject to change; the expectation is that providers will connect by hostname rather than IP address. The push service uses a load balancing scheme that yields a different IP address for the same hostname.

However, the entire 17.0.0.0/8 address block is assigned to Apple, so you can specify that range in your firewall rules.

Environment

Release:
Component: MDM