APNs is not reachable

Problem

Trying to reach a managed mobile device, fails and you get the error message "APNs is not reachable"

Cause

This could happen due to various reasons, such as:

  • Port blocked
  • Proxy not configured
  • Invalid APNs certificate
  • Third-party filters

Resolution

Port blocked:

Ensure that the following ports are open:

TCP port # 2195 should be opened on the Mobile Device Manager Plus MSP firewall, this allows the Mobile Device Manager Plus MSP server to communicate with the APNs.

TCP port # 5223 should be opened on the firewall/proxy settings, if the mobile devices connects to the internet via Wi-Fi.

Additionally, ensure that the domain 17.0.0.0/8 is also open on the Mobile Device Manager Plus MSP firewall.

Proxy not configured:

If the network in which Mobile Device Manager Plus MSP server is installed has a proxy, ensure that the proxy settings are configured. Verify the user name and the password for proxy authentication, so that the server can reach the APNs.

Invalid APNs certificate:

Ensure the latest APNs certificate is uploaded on the MDM MSP Server. If not, generate a new APNs and upload it on the MDM Server.

Third-party filters:

        If the network in which Mobile Device Manager Plus MSP server is installed has third-party web filter, ensure the third-party web filter has an exception for MDM MSP Server to connect to the internet.

 

NOTE: To verify whether the any whether the issue has been solved, you can retry to establish connection with the mobile device. On the MDM MSP web console, navigate to the Enrollment tab, click on Actions and select Verify Connectivity. If the above resolution do not work, try enrollment using Cellular Data. 

 

 


Applies to: Scanning the mobile device, Distributing Apps, Associating Profiles

Keywords: MDM scanning, Associating profiles, APNs, Mobile Device Management