Before we set up Mobile Device Management, let us first understand the architecture behind managing mobile devices over-the-air (OTA). All communications from Mobile Device Manager Plus MSP to the managed iOS device are routed through Apple Push Notification Service (APNs). A live TCP connection is maintained for this intermediate service. APNs acts as an intermediate wake-up service: it wakes up the device whenever an action is triggered from Mobile Device Manager Plus MSP. The managed mobile device then communicates with Mobile Device Manager Plus MSP to receive the instructions and report back the status and data.
For the above setup to work, the following ports need to be configured.
5223 - If the mobile device connects to the internet through Wi-Fi, this port should be opened (outbound port). For better security, you can restrict these connections to the IP range 17.0.0.0/8. If all the managed devices have access to a cellular data network, this requirement does not apply.
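
To check that the Wi-Fi egress rule matches the recommendation above, the following added example (not part of the product or its documentation) audits firewall flow records for TCP port 5223. The log format, the `audit_flows` helper and all addresses in the sample are constructed for illustration; adapt the parsing to your firewall's export.

```python
import ipaddress

APNS_NET = ipaddress.ip_network("17.0.0.0/8")  # range named in the port requirement
APNS_PORT = 5223                               # outbound port named in the requirement

# Constructed egress flow records (hypothetical format): src dst dport proto action
SAMPLE_FLOWS = """\
10.20.0.15 17.1.2.3 5223 tcp ALLOW
10.20.0.16 17.4.5.6 5223 tcp DENY
10.20.0.17 203.0.113.50 5223 tcp ALLOW
10.20.0.18 17.1.2.3 443 tcp ALLOW
10.20.0.19 198.51.100.7 5223 tcp DENY
malformed line
"""

def audit_flows(text):
    """Return (blocked_apns, off_range_allowed, skipped) for TCP/5223 flows."""
    blocked, off_range, skipped = [], [], 0
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            skipped += 1          # not a flow record in the assumed format
            continue
        src, dst, dport, proto, action = parts
        try:
            dst_ip = ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            skipped += 1          # unparseable address or port
            continue
        if proto.lower() != "tcp" or port != APNS_PORT:
            continue              # only the APNs port is in scope here
        in_range = dst_ip in APNS_NET
        if in_range and action.upper() == "DENY":
            # Device on Wi-Fi cannot reach APNs, so wake-ups will not arrive.
            blocked.append((src, dst))
        elif not in_range and action.upper() == "ALLOW":
            # Egress rule is wider than the 17.0.0.0/8 restriction.
            off_range.append((src, dst))
    return blocked, off_range, skipped

if __name__ == "__main__":
    blocked, off_range, skipped = audit_flows(SAMPLE_FLOWS)
    print("5223 to 17.0.0.0/8 denied:", blocked)
    print("5223 allowed outside 17.0.0.0/8:", off_range)
    print("skipped lines:", skipped)
```

Entries in the first list point to devices that will miss management commands over Wi-Fi; entries in the second show that the port 5223 rule has not been restricted to the recommended range.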