Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleDevice Service, AWCM, API Server...
Source ComponentSource ServerSource IPDestination ComponentDestination ServerDestination IPProtocolPortDescription
Devices on Internet and Wi-Fi

Device Services Serverds.awmdm.comAirWatch IP RangeHTTPS443For Device Management
Devices on Internet and Wi-Fi

Device Services Serverawcm.awmdm.comAirWatch IP RangeHTTPS2001For AW Cloud Messaging; WinMo, Win32 or Android only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Database ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)TCP1433NOTE: If using a named SQL instance you will need to open the custom TCP/IP port
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)All AirWatch Servers

HTTPS443For DS, Console, SEG, MAG, API
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)AWCM Server (typically the DS)awcm.awmdm.comAirWatch IP RangeHTTPS2001
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Active Directory domain controllerad.fqdn.com#.#.#.#LDAP(S)389, 636, 3268, or 3269[OPTIONAL] if you don't use ESC
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Active Directory domain controllerad.fqdn.com#.#.#.#KerberosTCP88, UDP88[OPTIONAL] if you don't use ESC
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)SMTP Mail Relaysmtp.fqdn.com#.#.#.#SMTP25 or 465[OPTIONAL] if you don't use ESC
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Internal PKIpki.fqdn.com#.#.#.#HTTPS/DCOMDCOM or HTTPS[OPTIONAL] if you don't use ESC
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Exchange Servermail.fqdn.com#.#.#.#HTTP/HTTPS80/443For Powershell Integration; If not using ESC
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)discovery.awmdm.com

HTTPS443For AutoDiscovery
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)gateway.push.apple.com

TCP2195, 2197For Cloud Messaging; Apple iOS and Mac OS X only, Proxy Connections not supported.
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)feedback.push.apple.com

TCP2196, 2197For Cloud Messaging; Apple iOS and Mac OS X only, Proxy Connections not supported.
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)android.googleapis.com

HTTP/HTTPS80 and 443For Cloud Messaging; Android only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)*notify.live.net

HTTP/HTTPS80 and 443For Cloud Messaging; Windows Phone only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)has.spserv.microsoft.com

HTTP/HTTPS80 and 443Windows 10 only for health attestation
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)inference.location.live.net 

HTTP/HTTPS80/443For Cloud Messaging; Windows Phone  only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)login.live.com 

HTTPS443For Cloud Messaging; Windows Phone only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Apple iTunes
*itunes.apple.com
*.mzstatic.com
*phobos.apple.com
*phobos.apple.com.edgesuite.net


HTTP80For App Management; Apple iOS and Mac OS X only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)vpp.itunes.apple.com

HTTPS443For VPP App Management; Apple iOS and Mac OS X only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)play.google.com

HTTPS443For App Management; Android only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)android.clients.google.com

TCP80For App Management; Android only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)


HTTPS443For AutoDiscovery
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)*.windowsphone.com

HTTP80For App Management; Windows Phone only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)next-services.apps.microsoft.com

HTTPS443For App Management; Windows RT/Pro/ENT only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)awcp.air-watch.com/*

HTTPS443For APNs Certificate; Apple only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)appwrap04.awmdm.com/awappwrap

HTTPS443For App Wrapping; Apple only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)appwrapandroid.awmdm.com/awappwrap

HTTPS443For App Wrapping; Android only
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Public SSL Cert CRL* (Example: ocsp.verisign.com)

HTTP/HTTPS80 and 443
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)*.virtualearth.net

HTTPS443Device Location Tracking
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Code Signing Cert CRLhttp://csc3-2010-crl.verisign.com/CSC3-2010.crl
HTTP80
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Code Signing Cert CRLhttps://dl.cacerts.digicert.com/DigiCertAssuredIDRootCA.crt
HTTPS443
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Code Signing Cert CRLhttps://dl.cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt
HTTPS443
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Code Signing Cert CRLhttp://crl3.digicert.com/sha2-assured-cs-g1.crl
HTTP80
Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)Code Signing Cert CRLhttp://crl4.digicert.com/sha2-assured-cs-g1.crl
HTTP80

...

Expand
titleACC...
Source ComponentSource ServerDestination ComponentDestination ServerDestination IPProtocolPortDescription
ESC Serveresc.fqdn.comAirWatch Cloud Messaging Serverawcm.awmdm.comAirWatch IP RangeHTTPS443 / 2001(on-prem)Telnet from VESC to AWCM Server on port or once installed:
Verify by entering https://awcm.awmdm.com:2001/awcm/status and ensure there is no certificate trust error
ESC Serveresc.fqdn.comAirWatch Admin Consolecn.awmdm.comAirWatch IP RangeHTTP or HTTPS80 or 443Telnet from VESC to Console on port or once installed:
Verify by entering https://cn.awmdm.com and ensure there is no certificate trust error
ESC Serveresc.fqdn.comAirWatch REST APIas.awmdm.comAirWatch IP RangeHTTPS443Diagnostics Service
ESC Serveresc.fqdn.comCRLhttp://csc3-2010-crl.verisign.com/CSC3-2010.crl
HTTP80For various services to function properly
ESC Serveresc.fqdn.comInternal LDAPad.fqdn.com#.#.#.#LDAP(S)389, 636, 3268, or 3269
ESC Serveresc.fqdn.comInternal LDAPad.fqdn.com#.#.#.#KerberosTCP88, UDP88
ESC Server [OPTIONAL]esc.fqdn.comInternal SMTPsmtp.fqdn.com#.#.#.#SMTP25
ESC Server [OPTIONAL]esc.fqdn.comInternal SCEPpki.fqdn.com#.#.#.#HTTP or HTTPS80 or 443
ESC Server [OPTIONAL]esc.fqdn.comInternal ADCSpki.fqdn.com#.#.#.#DCOM135, 1025-5000, 49152-65535
ESC Server [OPTIONAL]esc.fqdn.comInternal Exchange 2010 or highermail.fqdn.com#.#.#.#HTTP or HTTPS80 or 443For Powershell Integration

...