You are unable to reach a managed mobile device and get the error message "APNs is not reachable"
This could happen due to various reasons, such as:
Ensure that the following ports are open:
TCP port # 2195 should be opened on the external firewall, this allows the MDM server to communicate with the APNs.
TCP port # 5223 should be opened on the firewall/proxy settings, if the mobile devices connects to the internet via Wi-Fi.
NOTE: From MDM build number 92179, ensure api.push.apple.com is allowlisted on outgoing port 443 of the firewall/proxy server.
If the network in which MDM server is installed has a proxy, ensure that the proxy settings are configured. Verify the user name and the password for proxy authentication, so that the server can reach the APNs.
Ensure the latest APNs certificate is uploaded on the MDM Server. If not, generate a new APNs and upload it on the MDM Server.
If the network in which MDM server is installed has third-party web filter, ensure that the third-party web filter has an exception for MDM Server to connect to the internet.
NOTE: To verify whether the issue has been solved, you can retry establishing connection with the mobile device. On the MDM server, navigate to the Enrollment tab, click on Actions and select Verify Connectivity. If the above resolution does not work, try enrolling using Cellular Data.
If you're still unable to resove the issue, contact MDM Support (firstname.lastname@example.org).
Applies to: Scanning the mobile device, Distributing Apps, Associating Profiles
Keywords: MDM scanning, Associating profiles, APNs, Mobile Device Management