Knowledge Base
Home » Knowledge Base

To resolve connectivity issues to contact Android devices, click here.

Unable to contact the device

Problem

An error Unable to contact the device is displayed on the MDM server while trying to execute remote Security Commands or a Device Scan on Apple devices.

Reason

Connectivity based issues on Apple devices occur when the devices are unable to contact the MDM server or the APNs servers, due to poor network connection, or non-accessibility to the domain itself.

The following are the reasons due to which connectivity is interrupted:

  1. Server based issues
  2. Device based issues

Resolution

Server based issues

  1. Retry scanning the device, by navigating to Inventory > Devices> Actions > Scan Now.
  2. In case the device scan is not successful, it could be because the APNs certificate has expired, or if it has been removed from the server. Verify the APNs certificate expiry details, and if the certificate has expired, renew the certificate. If the certificate has been removed, add it to the MDM server.
  3. Follow the given steps to verify if APNs is reachable:
    • Check if api.push.apple.com:443 is reachable from the machine where the On-premises version of MDM is hosted.
    • If Self-signed SSL certificates or Enterprises certificates from CA's have been used, check the requirements given by Apple.
    • While using the On-Premises version, if HTTPS inspection is used, Apple services will not function. To ensure that the required Apple services function, disable the HTTPS interception for all the hosts that are listed in this document provided by Apple.

Device based issues

  1. Check if the devices have Internet connectivity.
  2. Follow the given steps to verify if the MDM server is reachable:
    • If you are using the Cloud version of MDM, ensure that https://mdm.manageengine.com.au is accessible from the device.
    • If you are using the On-Premises version of MDM, ensure that https://[fqdn]:[port] is accessible from the device.
  3. If the device is connected to a corporate Wi-Fi network, check the connection to api.push.apple.com using the port 443 or 5223. For more information on how to reach the APNs servers, check this document.

  4. During iOS/Mac device installation, a certificate and private key shall be installed in the device. If this certificate is not found in key-chain then the agent will lose connection with the MDM server and the device will be unreachable.

If the issue persists after trying out all the troubleshooting methods provided above, contact support.