To be enabled (https://mobilock.in, https://mobilock.s3-website-eu-west-1.amazonaws.com/ and https://d17n3uawl7kvhu.cloudfront.net) in the firewall.
Allow IP: 188.166.37.22 (Basically allow the outbound request to connect to both: 80 and 443 port, mobilock always uses HTTPS and most firewalls allow this unless explicitly disabled). The S3 URL given above will have dynamic IP, so allow the entire domain “mobilock.s3-website-eu-west-1.amazonaws.com" if possible).
d17n3uawl7kvhu.cloudfront.net = This is CDN Edge Server, MobiLock MDM Server distributes the admin uploaded APK through this server for faster download. It has a dynamic IP as it will choose the closest location available. We suggest you to add a FQDN entry for this domain if possible. We only need this if you want to remotely install APK's on devices.
For Android push notifications to work, please read the section below
--------------------------------------------------------------------------------------------
The Android device accesses the GCM servers on ports 5228-5230. If your organization has a firewall that restricts the traffic to or from the Internet, you'll need to configure it to allow connectivity with GCM. The ports to open are: 5228, 5229, and 5230. GCM typically only uses 5228, but it sometimes uses 5229 and 5230. GCM doesn't provide specific IPs. It changes IPs frequently. So you should allow your firewall to accept outgoing connections to all IP addresses contained in the IP blocks listed in Google's ASN of 15169 (https://www.dan.me.uk/bgplookup?asn=15169).
If your devices are running Android 4.3+ then you may not need to do the above changes, as the newer Android versions will fall back to port 443 (i.e HTTPS) in case the above mentioned ports are blocked (do test it once on your end to see if it is working or not).
Alternatively, you can try by adding following FQDN entries:
port: 5228, host: mtalk.google.com
port: 443, host: android.googleapis.com
port: 443, host: android.client.google.com
Allow IP: 188.166.37.22 (Basically allow the outbound request to connect to both: 80 and 443 port, mobilock always uses HTTPS and most firewalls allow this unless explicitly disabled). The S3 URL given above will have dynamic IP, so allow the entire domain “mobilock.s3-website-eu-west-1.amazonaws.com" if possible).
d17n3uawl7kvhu.cloudfront.net = This is CDN Edge Server, MobiLock MDM Server distributes the admin uploaded APK through this server for faster download. It has a dynamic IP as it will choose the closest location available. We suggest you to add a FQDN entry for this domain if possible. We only need this if you want to remotely install APK's on devices.
For Android push notifications to work, please read the section below
--------------------------------------------------------------------------------------------
The Android device accesses the GCM servers on ports 5228-5230. If your organization has a firewall that restricts the traffic to or from the Internet, you'll need to configure it to allow connectivity with GCM. The ports to open are: 5228, 5229, and 5230. GCM typically only uses 5228, but it sometimes uses 5229 and 5230. GCM doesn't provide specific IPs. It changes IPs frequently. So you should allow your firewall to accept outgoing connections to all IP addresses contained in the IP blocks listed in Google's ASN of 15169 (https://www.dan.me.uk/bgplookup?asn=15169).
If your devices are running Android 4.3+ then you may not need to do the above changes, as the newer Android versions will fall back to port 443 (i.e HTTPS) in case the above mentioned ports are blocked (do test it once on your end to see if it is working or not).
Alternatively, you can try by adding following FQDN entries:
port: 5228, host: mtalk.google.com
port: 443, host: android.googleapis.com
port: 443, host: android.client.google.com