Special settings in case of firewall
What settings should I change to use TinyMDM with a firewall?
In order to use TinyMDM on devices connected to a network protected by a firewall, some settings are necessary. Indeed, our application uses Google’s FCM notification system, like most Android apps.
Here are the different proxy settings recommended by Google to make FCM notifications work:
Ports 5228, 5229, 5230 and 7275 must be added to the unrestricted IP whitelist. However, if you need to set up an IP restriction, you must also whitelist all the IP addresses of the IPv4 and IPv6 blocks listed in Google’s 15169 ASN (available here).
For more information, see this link to Google’s original documentation.
To use our remote view and remote control features, you must authorize:
UDP/443
In addition, you must allow the accesses regularly used by the various services of Google:
Destination Host
Ports
www.tinymdm.net
TCP/443
play.google.com
android.com
google-analytics.com
googleusercontent.com
*gstatic.com
*.gvt1.com
*.ggpht.com
dl.google.com
dl-ssl.google.com
android.clients.google.com
*.gvt2.com
*.gvt3.com
TCP/443
TCP, UDP/5228-5230
*.googleapis.com
m.google.com
TCP/443
accounts.google.com
accounts.google.[country]
TCP/443
gcm-http.googleapis.com
gcm-xmpp.googleapis.com
android.googleapis.com
TCP/443,5228-5230
fcm.googleapis.com
fcm-xmpp.googleapis.com
TCP/443,5228–5230
fcm-xmpp.googleapis.com
gcm-xmpp.googleapis.com
TCP/5235,5236
pki.google.com
clients1.google.com
TCP/443
clients2.google.com
clients3.google.com
clients4.google.com
clients5.google.com
clients6.google.com
TCP/443
omahaproxy.appspot.com
TCP/443
android.clients.google.com
TCP/443
ota.googlezip.net
ota-cache1.googlezip.net
ota-cache2.googlezip.net
TCP/443
connectivitycheck.android.com
connectivitycheck.gstatic.com
www.google.com
TCP/443