Mobile device configuration (Wi-Fi requirements)
Wi-Fi
requirements)The port requirements in this section are for mobile devices to connect to the
BlackBerry Infrastructure
. These addresses and ports may not required by the BlackBerry UEM
server components. For example, in a typical Wi-Fi
network setup, connectivity to the internet on port 443 is allowed, but connectivity to APNs may be blocked.Mobile devices managed by
UEM
also have specific connectivity requirements. Whether the device is attempting a connection over the mobile network or a Wi-Fi
network, the port requirements must be met.<region> represents a unique region code depending on the EULA selected during installation. For example, if Canada was selected, then <region> is ca. To find a specific country code, see the ISO Standard.
Device OS | TCP port | Protocol | Domain |
|---|---|---|---|
BlackBerry 10 OS , iOS , Android OS , iOS, Windows Phone OS | 443 | HTTPS/TLS 1 | <region>.bbsecure.com |
iOS | 5223 | TCP | gateway.push.apple.com |
EMM/ Google APIs 2 | 443 | TCP | android.apis.google.com |
Google
Play 2 | TCP/443 TCP,UDP/5228-5230 | TCP, UDP | play.google.com, googleusercontent.com, google-analytics.com, gstatic.com, android.com, gvt1.com, gvt2.com, ggpht.com |
Google authentication 2 | 443 | TCP | accounts.google.com |
Google Cloud Messaging 2 | TCP/443,5228-5230, 5235,5236 | TCP | gcm-http.googleapis.com, gcm-xmpp.googleapis.com, android.googleapis.com |
Google Firebase Cloud Messaging 2 | TCP/443,5228-5230 | TCP | fcm.googleapis.com, fcm-xmpp.googleapis.com |
Google certificate revocation 2 | 443 | TCP | pki.google.com, clients[1-9].google.com |
BlackBerry 10 OS (version 10.3.2 and later) and Android OS (Android for Work /Samsung Knox ) | 443 | TCP | <region>.turnd.bbsecure.com |
BlackBerry 10 OS (BlackBerry World for Work) | 80 | HTTP | appworld.blackberry.com |
BlackBerry 10 OS (version 10.3.1 and later) | 80 | HTTP | icc.blackberry.com/v1/wifi/ |
BlackBerry
Dynamics apps | 49152 | TCP | gdmdc.good.com |
BlackBerry
Dynamics apps | 443 | TCP | gdmdc.good.com |
BlackBerry
Dynamics apps | 15000 | TCP | gdrelay.good.com |
BlackBerry
Dynamics apps | 443 | TCP | gdrelay.good.com |
BlackBerry
Dynamics apps | 443 | TCP | gdweb.good.com |
BlackBerry
Dynamics apps | 443 | TCP | gdentgw.good.com |
BlackBerry Analytics 3 | 443 | TCP | analytics.blackberry.com receiver.analytics.blackberry.com |
BlackBerry UEM Client | 443 | HTTPS | discoveryservice.blackberry.com |
BlackBerry Android certificate server | 80 | HTTP | pki.services.blackberry.com |
CylancePROTECT | 443 | HTTPS | score.cylance.com |
BlackBerry Enterprise Identity | 443 | HTTPS | idp.blackberry.com |
1
In addition to standard HTTPS traffic, BlackBerry UEM
components may also need to make an HTTP CONNECT and HTTP OPTIONS call on port 443. Because some firewalls are configured to block non-HTTPS traffic detected on port 443, this traffic may need to be explicitly allowed. Similarly, some firewalls incorrectly recognize TLS traffic on port 3101 as nonstandard and block the traffic. Ensure that necessary allow lists are in place on your firewall or other network appliances. 2
When using Samsung Knox
with BlackBerry Secure Connect Plus
, all device traffic, including HTTP and TCP traffic, is redirected to the BlackBerry UEM
server. The device-side TCP ports must be allowed from the BlackBerry UEM
server. For more information, visit support.blackberry.com/community to read article 46317. 3
To open the firewall to specific IP addresses, for analytics.blackberry.com use 74.82.73.148, and for receiver.analytics.blackberry.com use 74.82.73.149.