Firewall Ports, IP Addresses, and URLs Used by Jamf School
This section describes the firewall ports, IP addresses, and URLs used for connections with Jamf School, the Jamf School server, and Jamf School apps.
Ports
To ensure that Jamf School can communicate properly with managed devices and Apple, whitelist the following ports:
|
Port |
Protocol |
Description |
Connections Initiated |
|
5223/443 |
TCP |
Ensures Jamf School can communicate properly with managed devices. Be sure to allow outbound connections to and redirects from Apple’s 17.0.0.0/8 block over these ports from all client networks. This ensures that Apple Push Notification service (APNs) will function correctly on your network. |
To Jamf School and to APNs. |
|
389/636 |
LDAP or LDAPS |
Directory service integration via LDAP (389) or LDAP over SSL (LDAPS/636) can be used for user authentication, device assignment, and user information and group membership lookups.
|
Jamf School server to LDAP/Domain controller Note: All Jamf School server LDAP connections will originate from the Jamf School server. |
IP Addresses
Ensure that the following IP addresses are whitelisted:
|
IP Address |
Description |
|
34.194.184.59 and 34.227.122.7 |
(LDAP only) Authentication requests to your LDAP server may come from these IP addresses. |
|
52.23.63.224/27 |
Cloudfare's current IP ranges. All MDM requests will go through Amazon Web Services (AWS). |
|
46.4.54.150 |
Used to distribute macOS packages. |
URLs
Apple software, including iOS, macOS, and iTunes, uses different ports and servers to connect to various services. iTunes for Windows also installs some processes that run in the background when the software is open. To avoid app installation issues, make sure to whitelist the URLs in the following article from Apple's support website: https://support.apple.com/HT201999
In addition to whitelisting the URLs used by Apple, ensure the following URLs are also whitelisted:
|
URL |
Description |
|
schoolname.jamfcloud.com/api |
Ensures scripting works properly. |
|
*.jamfcloud.com |
The *.jamfcloud.com address must be whitelisted with a " * " wildcard because several different addresses are used for different services. |
Related Information
For related information on TCP and UDP ports used by Apple, see the following article from Apple's support website: https://support.apple.com/HT202944