ManageEngine Mobile Device Manager Plus supports managing your mobile devices from a single console. Mobile Device Manager Plus offers Policy Management, Profile Management, Asset Management, App Management and Security Management of different kinds of mobile devices.
The diagram given below represents the workflow of the On-Premises version of Mobile Device Manager Plus:
Note: For the architecture and functioning of Mobile Device Manager Plus Cloud, refer to this page.
For the above setup to work, the following should be done:
Because users are mobile, the MDM server should be reachable via a public IP address. To enable this, NAT the internal IP address of the MDM server to a public IP address. If all managed devices are within the LAN, this is not required.
TCP and TLS protocols are used for enrolling devices in MDM.
9383 - Used for secured communication between the agent and the Mobile Device Manager Plus server.
443 - Should be open at the firewall/proxy for the MDM server to reach APNs. Host address: api.push.apple.com
5223 - If the mobile device connects to the internet through Wi-Fi, this port should be open. For better security, you can restrict these connections to the IP range 17.0.0.0/8. If all the managed devices have access to a cellular data network, this is not required.
NOTE: If your Wi-Fi is behind a firewall or you make use of a private Access Point Name for cellular data, then ensure access has been provided to the specific ports.
443 - Used for secured communication between the MDM server and the FCM server.
Port numbers 5228, 5229, 5230, 5235 and 5236 should be open on the firewall if the mobile device connects to the internet through Wi-Fi. This enables communication between the mobile devices and the FCM.
For further details on ports, click here.
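One way to check a firewall allow-list against the port requirements above, as an added example (not ManageEngine code). The zone labels, the rule tuple format and the sample rules are assumptions constructed for illustration.

```python
import ipaddress

APPLE_NET = ipaddress.ip_network("17.0.0.0/8")  # range the page suggests for 5223
FCM_PORTS = {5228, 5229, 5230, 5235, 5236}      # device -> FCM over Wi-Fi

# (zone, tcp port) pairs taken from the page; zone names are this example's own.
REQUIRED = {
    ("internet->mdm", 9383),   # agent -> MDM server
    ("mdm->internet", 443),    # MDM server -> APNs / FCM
    ("wifi->internet", 5223),  # Wi-Fi device -> APNs
} | {("wifi->internet", p) for p in FCM_PORTS}


def audit(rules):
    """rules: iterable of (zone, port, dest_cidr) allow entries.

    Returns a list of findings: required ports with no allow rule, and
    5223 rules whose destination is wider than 17.0.0.0/8.
    """
    rules = list(rules)
    allowed = {(zone, port) for zone, port, _ in rules}
    findings = [f"MISSING {z} tcp/{p}" for z, p in sorted(REQUIRED - allowed)]
    for zone, port, cidr in rules:
        net = ipaddress.ip_network(cidr)
        if port == 5223 and (net.version != 4 or not net.subnet_of(APPLE_NET)):
            findings.append(f"BROAD {zone} tcp/5223 -> {cidr} (restrict to {APPLE_NET})")
    return findings


# Constructed sample allow-list: 5236 is missing and 5223 is open to any address.
SAMPLE_RULES = [
    ("internet->mdm", 9383, "203.0.113.10/32"),  # constructed NAT address of the MDM server
    ("mdm->internet", 443, "0.0.0.0/0"),
    ("wifi->internet", 5223, "0.0.0.0/0"),
    ("wifi->internet", 5228, "0.0.0.0/0"),
    ("wifi->internet", 5229, "0.0.0.0/0"),
    ("wifi->internet", 5230, "0.0.0.0/0"),
    ("wifi->internet", 5235, "0.0.0.0/0"),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES):
        print(finding)
```
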