APNs with Always-On IKEv2 VPN

RDowson's picture

RDowson

Joined: Jul 1, 2016
Your rating: None (6 votes)

We have an always-on IKEv2 VPN with a Global HTTP Proxy profile pointing to our internal proxy server.

We are using AirWatch in the cloud to manage the devices.

When the VPN is on APNs doesn't seem to be connecting the devices.

We have opened up the full 17.0.0.0/8 address block into our environment for TCP ports 5523, 2195, 2196 and 443 as described in this apple document - https://support.apple.com/en-gb/HT203609

Do we also need to apply the rule the other way so that the devices can connect back to APNs?

AirWatch seem to suggest that the devices don'e connect back to APNs and instead connect straight back to the console.

Can someone help with this please?

Top
carloslozada's picture

carloslozada

Joined: May 25, 2016
WWW

Hi may I know which APN are

Your rating: None

Hi may I know which APN are you using?

Kind regards,

Haxcopltd.com
Carlos L.

Top
RDowson's picture

RDowson

Joined: Apr 8, 2016

I'm not using an APN. I'm

Your rating: None

I'm not using an APN. I'm referring to APNs.

Top
carloslozada's picture

carloslozada

Joined: May 25, 2016
WWW

Have you check the signed

Your rating: None

Have you check the signed cert on apple are the one that you are currently used on your airwatch, I will recomm to revoke the current APNS and re add new one. that will be a common cause. otherwise I suggest to verify the one you are using are correct.

PS I'm not familiar with airwatch software,

I use mac server x and accessmylan

Kind regards,

Haxcopltd.com
Carlos L.

Top
RDowson's picture

RDowson

Joined: Apr 8, 2016

All certificates are fine.

Your rating: None

All certificates are fine. APNs works fine on any device without the VPN.

Top

Who is online?

There are currently 0 admins, 0 users and 17 guests online. Connected users: .

Recent Activity