In order to use TinyMDM on devices connected to a network protected by a firewall, some settings are necessary. Indeed, our application uses Google’s FCM notification system, like most Android apps.

Here are the different proxy settings recommended by Google to make FCM notifications work:
Ports 5228, 5229, 5230 and 7275 must be added to the unrestricted IP whitelist. However, if you need to set up an IP restriction, you must also whitelist all the IP addresses of the IPv4 and IPv6 blocks listed in Google’s 15169 ASN (available here).

For more information, see this link to Google’s original documentation.

To use our remote view and remote control features, you must authorize:
UDP/443

In addition, you must allow the accesses regularly used by the various services of Google:

Destination Host

Ports

www.tinymdm.net

TCP/443

play.google.com
android.com
google-analytics.com
googleusercontent.com
*gstatic.com
*.gvt1.com
*.ggpht.com
dl.google.com
dl-ssl.google.com
android.clients.google.com
*.gvt2.com
*.gvt3.com

TCP/443

TCP, UDP/5228-5230

*.googleapis.com
m.google.com

TCP/443

accounts.google.com
accounts.google.[country]

TCP/443

gcm-http.googleapis.com
gcm-xmpp.googleapis.com
android.googleapis.com

TCP/443,5228-5230

fcm.googleapis.com
fcm-xmpp.googleapis.com

TCP/443,5228–5230

fcm-xmpp.googleapis.com
gcm-xmpp.googleapis.com

TCP/5235,5236

pki.google.com
clients1.google.com

TCP/443

clients2.google.com
clients3.google.com
clients4.google.com
clients5.google.com
clients6.google.com

TCP/443

omahaproxy.appspot.com

TCP/443

android.clients.google.com

TCP/443

ota.googlezip.net
ota-cache1.googlezip.net
ota-cache2.googlezip.net

TCP/443

connectivitycheck.android.com
connectivitycheck.gstatic.com
www.google.com

TCP/443