Network Requirements
In order for devices to successfully communicate with Mosyle and Apple, the following domains and ports will need to be released. Mosyle utilizes dynamic load balancing, therefore we do not have a specific IP range as servers can be added or removed at any time. It's recommended to release the Mosyle wildcard in the network to ensure all Mosyle domains and subdomains are allowed.
Required Mosyle domains:
- *.mosyle.com
- *.mosyle.io
Required domains for the Mosyle CDN:
- macosagent.azureedge.net
- mosylemanagerweb.blob.core.windows.net
- macosagents.blob.core.windows.net
Required Ports:
| Service Name | Port | Protocol |
| Web Service (http) | 80 | TCP |
| Web Service (https) | 443 | TCP |
| Push Notification | 2195, 2196, and 2197 | TCP |
| Mosyle macOS Agent Push Notification | 3000 | TCP |
| MDM Enroll | 1640 | TCP |
| APNs | 5223 | TCP |
| Internet Control (Web Filter) | 3180 | TCP |
| Apple Classroom | 3284 and 3285 | TCP/UDP |
Required Apple domains:
Be sure to release the entire IP range for Apple: 17.0.0.0/8, as well as all ports used by Apple software products which can be found here: https://support.apple.com/en-us/HT202944
It's also recommend to release all hosts and ports used for Apple products on Enterprise networks, which can be found here: https://support.apple.com/en-us/HT210060
No Comments