APNs is not reachable


Trying to reach a managed mobile device, fails and you get the error message "APNs is not reachable"


This could happen due to various reasons, such as:

  • Port blocked
  • Proxy not configured
  • Invalid APNs certificate
  • Third-party filters


Port blocked:

Ensure that the following ports are open:

TCP port # 2195 should be opened on the Mobile Device Manager Plus firewall, this allows the Mobile Device Manager Plus server to communicate with the APNs.

TCP port # 5223 should be opened on the firewall/proxy settings, if the mobile devices connects to the internet via Wi-Fi.

Additionally, ensure that the domain is also open on the Mobile Device Manager Plus firewall.

Proxy not configured:

If the network in which Mobile Device Manager Plus server is installed has a proxy, ensure that the proxy settings are configured. Verify the user name and the password for proxy authentication, so that the server can reach the APNs.

Invalid APNs certificate:

Ensure the latest APNs certificate is uploaded on the MDM Server. If not, generate a new APNs and upload it on the MDM Server.

Third-party filters:

        If the network in which Mobile Device Manager Plus server is installed has third-party web filter, ensure     the third-party web filter has an exception for MDM Server to connect to the internet.


NOTE: To verify whether the any whether the issue has been solved, you can retry to establish connection with the mobile device. On the MDMP web console, navigate to the Enrollment tab, click on Actions and select Verify Connectivity. If the above resolution do not work, try enrollment using Cellular Data. 

If you're still unable to resove the issue, contact MDM Support (mdm-support@manageengine.com).


Applies to: Scanning the mobile device, Distributing Apps, Associating Profiles

Keywords: MDM scanning, Associating profiles, APNs, Mobile Device Management