NAT Settings

Introduction

To manage mobile devices using Mobile Device Manager Plus MSP, the MDM server must be reachable from the devices at all times. Devices on the same network as the server can reach it, but devices outside the network cannot. Because managed devices are mobile and mostly outside the network, they must be able to contact the MDM server for continued device management. This is achieved by mapping your internal IP address to a public IP address or FQDN (Fully Qualified Domain Name), after which devices on the LAN or on an external network can access the MDM server. This process is called Network Address Translation, or NAT, and is mandatory for managing devices outside your organization's network.

To secure data in transit, self-signed or third-party certificates can be used. Certificates encrypt the communication between the server and the devices, so corporate data sent over the internet is protected.

It is recommended to use an FQDN, since any change to the internal IP address is automatically mapped to the FQDN and no intervention is required until you modify the NAT settings. Also, third-party certificates identify the server by its FQDN.
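A pre-change check for the FQDN recommendation above, as an added example that is not part of the ManageEngine documentation: it flags an FQDN that resolves to a non-public address and a certificate whose SAN list does not name the FQDN. The function names, `SAMPLE_CERT` and the example.com hostnames are assumptions made for illustration.

```python
import ipaddress
import socket
import ssl

# Constructed sample in the dict shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {"subjectAltName": (("DNS", "mdm.example.com"),
                                  ("DNS", "*.corp.example.com"))}

def address_findings(fqdn, resolved_ips):
    """Flag addresses that devices outside the LAN cannot route to (RFC 1918, CGNAT, loopback)."""
    return [f"{fqdn} resolves to non-public address {ip}"
            for ip in resolved_ips if not ipaddress.ip_address(ip).is_global]

def cert_covers(cert, fqdn):
    """True if a DNS SAN matches fqdn; '*' may stand for the leftmost label only."""
    host = fqdn.lower().rstrip(".")
    for kind, value in cert.get("subjectAltName", ()):
        if kind != "DNS":
            continue
        pattern = value.lower()
        if pattern == host:
            return True
        if pattern.startswith("*.") and host.partition(".")[2] == pattern[2:]:
            return True
    return False

def audit(fqdn, resolved_ips, cert):
    """Offline check: findings that would stop external devices reaching or trusting fqdn."""
    findings = address_findings(fqdn, resolved_ips)
    if not cert_covers(cert, fqdn):
        findings.append(f"certificate has no SAN matching {fqdn}")
    return findings

def live_audit(fqdn, port=9383, timeout=5):
    """Network version. 9383 is the port this page names; pass your public port if it differs."""
    try:
        infos = socket.getaddrinfo(fqdn, port, type=socket.SOCK_STREAM)
        ips = sorted({info[4][0] for info in infos})
        with socket.create_connection((fqdn, port), timeout=timeout) as sock:
            ctx = ssl.create_default_context()  # verifies chain and hostname
            with ctx.wrap_socket(sock, server_hostname=fqdn) as tls:
                return audit(fqdn, ips, tls.getpeercert())
    except ssl.SSLCertVerificationError as exc:  # self-signed, expired or name mismatch
        return address_findings(fqdn, ips) + [f"TLS verification failed: {exc.verify_message}"]
    except OSError as exc:  # DNS failure, refused, timed out
        return [f"cannot connect to {fqdn}:{port}: {exc}"]
```

A self-signed certificate fails `live_audit` unless its issuer is in the trust store of the machine running the check, which mirrors what an unmanaged client would see.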

Methods for configuring NAT settings

There are two approaches for configuring the NAT settings:

Steps to Configure NAT Settings

Follow the steps below to configure NAT:

  1. (If you're using MDM in Endpoint Central) Configure NAT settings by navigating to NAT under the Settings dropdown in the left pane.
  2. (If you're using MDM On-Premises) On the web console, select the Admin tab.
  3. Click NAT Settings under Settings from the left pane.
  4. The details of the Mobile Device Manager Plus MSP server and the ports are pre-filled based on your current setup.
  5. Provide the public IP and the ports of the Secure Gateway, and click Save.

MDM is now successfully set up to manage mobile devices. To manage iOS devices, you have to create an APNs certificate and upload it to the MDM server. Refer to the port details for iOS, Android and Windows devices.

We have made your job simpler!

Learn how to set up Secure Gateway in 3 minutes through this demo video.

Modifying NAT Settings

The FQDN/IP initially specified will be registered on the enrolled devices and used for communication between the MDM server and devices. Depending on the organization's preferences, the FQDN/IP might have to be changed, particularly in the following scenarios:

  • If a public IP was being used and the organization decides to switch to an FQDN.
  • If the organization is to be rebranded, which implies a change in the domain name. The existing public FQDN/IP has to be replaced with the new FQDN/IP that corresponds to the new domain name.
  • The private FQDN/IP has to be changed to the public FQDN/IP if devices need to access the MDM server from an external network.

Even after NAT is modified, the enrolled devices will continue to reach the MDM server using the previous FQDN/IP. This can be resolved by making a few changes to your environment to map the new address to the existing FQDN/IP. Without these changes, the devices cannot be managed by MDM. Devices enrolled after NAT is modified are not affected and can be managed as usual.

To make the required changes, follow the steps given below.

    For all platforms other than Android:

    For Android devices, the process of registering the new FQDN/IP in the enrolled devices can be done by contacting MDM Support at mdm-support@manageengine.com.

    If you want to modify the port, ensure that it is redirected to port 9383 in your internal environment for continued management of all platforms except Android. For Android, you need to contact MDM Support at mdm-support@manageengine.com.

    Setting Up Secure Gateway

    Setting up Secure Gateway involves the following.

    Removing Secure Gateway

    Uninstalling Secure Gateway involves the following steps:

     

    Copyright © 2021, ZOHO Corp. All Rights Reserved.