14 DAY FREE TRIAL

No Search Results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Configurations
  3. Architecture and sub-processor

Category filter

Network Ports used by Hexnode UEM

Jump To

This article explains the network ports used for connections with Hexnode or for integrating third-party services.

A port is a specific location through which information flows between various computers or networks. Hexnode uses several ports for enrolling and managing Android, Apple, and Windows devices. Make sure to keep these ports open for a full MDM feature implementation.

Following is the list of several ports needed for establishing connectivity between the various servers and components in Hexnode UEM.

Ports for Android devices

Communications for enrolling and managing Android devices use HTTPS on TCP 443. Hexnode uses standard FCM ports and services (Ports 5228, 5229, and 5230). The port 1883 (outbound) can be used for devices without FCM.

Port Number Inbound/Outbound Source Destination Description
8998 Outbound AD Agent Hexnode Cloud (i.e., Provide your portal name) AD Agent Service
443 Bidirectional Android Devices
  • *.samsungknox.com
  • *.secb2b.com
  • *.samsung.com
 Samsung Knox Enrollment
443 Bidirectional Android Device www.googleapis.com Zero-touch Enrollment
443 Bidirectional Android Device
  • *play.googleapis.com
  • *.googleusercontent.com
  • android.clients.google.com
  • *.ggpht.com
  • *.gvt1.com
  • com.android.providers.downloads
 App Management
443 Bidirectional Hexnode Cloud (i.e., Provide your portal name) Devices HTTPS port used for secure and encrypted communication between Hexnode server and devices
443 Bidirectional Devices
  • s3.eu.central-1.amazonaws.com
  • s3.amazonaws.com
 HTTPS port used for file, app management.
443 Bidirectional Devices
  • *.manage.microsoft.com
  • *api.office.com
  • *go.microsoft.com
  • *login.windows-ppe.net
  • *secure.aadcdn.
    microsoftonline-p.com
  • *vortex.data.microsoft.
    com
 HTTPS port used for Office365 Login.
5228, 5229, 5230 Bidirectional Android Devices Internet Receive push notifications via Firebase Cloud Messaging (FCM)
3478 (TCP and UDP), 5349 (TCP) Bidirectional Android Devices
  • global.stun.twilio.com
  • global.turn.twilio.com
 Simple Traversal of UDP Through NAT (STUN) port for Remote View support, STUN over TLS for Remote View support.
443 Bidirectional Android Devices remoteview.hexnodemdm.
com		 Remote View Server

Ports for Apple devices

Communications for enrolling and managing devices use HTTPS on TCP 443. Hexnode uses standard ports (TCP 2195 – outbound) to communicate with APNs (host address is gateway.push.apple.com). If the Apple devices are connected to the internet through Wi-Fi and fail to receive APNs notifications, there are chances that the firewall in your network blocks the outbound port 5223. Make sure that this port remains open to TCP traffic for notifications to work.

Port Number Inbound/Outbound Source Destination Description
8998 Outbound AD Agent Hexnode Cloud (i.e., Provide your portal name) AD Agent Service
443 Bidirectional Apple Devices mesu.apple.com HTTPS port used for secure and encrypted communication between Hexnode server and Apple devices.
443 Bidirectional Hexnode Cloud (i.e., Provide your portal name) Devices HTTPS port used for secure and encrypted communication between Hexnode server and devices
443 Bidirectional Devices
  • s3.eu.central-1.amazonaws.com
  • s3.amazonaws.com
 HTTPS port used for file, app management.
443 Bidirectional Devices
  • *.manage.microsoft.com
  • *api.office.com
  • *go.microsoft.com
  • *login.windows-ppe.net
  • *secure.aadcdn.
    microsoftonline-p.com
  • *vortex.data.microsoft.
    com
 HTTPS port used for Office365 Login.
3478 (TCP and UDP), 5349 (TCP) Bidirectional iOS Devices
  • global.stun.twilio.com
  • global.turn.twilio.com
 Simple Traversal of UDP Through NAT (STUN) port for Remote View support, STUN over TLS for Remote View support.
443 Bidirectional iOS Devices remoteview.hexnodemdm.
com		 Remote View Server
5223 Inbound Apple Devices 17.0.0.0/8 Apple Push Notification service (APNs) for Apple devices.
Notes:


Allow access for the entire 17.0.0.0/8 address block as Apple may use any address from the range for pushing notifications.

Or you may open access to the following network ranges via the same ports:

IPv4

  • 17.249.0.0/16
  • 17.252.0.0/16
  • 17.57.144.0/22
  • 17.188.128.0/18
  • 17.188.20.0/23

    • IPv6

  • 2620:149:a44::/48
  • 2403:300:a42::/48
  • 2403:300:a51::/48
  • 2a01:b740:a42::/48

    • Ports for Windows devices

    TCP port 443 is used in the case of the Windows Notification Service.

    Port Number Inbound/Outbound Source Destination Description
    8998 Outbound AD Agent Hexnode Cloud (i.e., Provide your portal name) AD Agent Service
    443 Bidirectional Windows Devices
    • *.notify.live.net
    • *.wns.windows.com
    • *.notify.windows.com
    		 HTTPS port used for secure and encrypted communication between Hexnode server and Windows devices.
    443 Bidirectional Hexnode Cloud (i.e., Provide your portal name) Devices HTTPS port used for secure and encrypted communication between Hexnode server and devices
    443 Bidirectional Devices
    • s3.eu.central-1.amazonaws.com
    • s3.amazonaws.com
    		 HTTPS port used for file, app management.
    443 Bidirectional Devices
    • *.manage.microsoft.com
    • *api.office.com
    • *go.microsoft.com
    • *login.windows-ppe.net
    • *secure.aadcdn.
      microsoftonline-p.com
    • *vortex.data.microsoft.
      com
    		 HTTPS port used for Office365 Login.
    Need more help?
    Raise a Ticket Raise a Ticket
    Ask Community Ask Community
    Chat With us Chat With us
  • Configurations