Firewall Ports, IP Addresses, and URLs Used by Jamf School

This section describes the firewall ports, IP addresses, and URLs used for connections with Jamf School, the Jamf School server, and Jamf School apps.

Ports

To ensure that Jamf School can communicate properly with managed devices and Apple, whitelist the following ports:

Port

Protocol

Description

Connections Initiated

5223/443

TCP

Ensures Jamf School can communicate properly with managed devices. Be sure to allow outbound connections to and redirects from Apple’s 17.0.0.0/8 block over these ports from all client networks. This ensures that Apple Push Notification service (APNs) will function correctly on your network.

To Jamf School and to APNs.

389/636

LDAP or LDAPS

Directory service integration via LDAP (389) or LDAP over SSL (LDAPS/636) can be used for user authentication, device assignment, and user information and group membership lookups.

 

Jamf School server to LDAP/Domain controller

Note: All Jamf School server LDAP connections will originate from the Jamf School server.

IP Addresses

Ensure that the following IP addresses are whitelisted:

IP Address

Description

34.194.184.59 and 34.227.122.7

(LDAP only) Authentication requests to your LDAP server may come from these IP addresses.

52.23.63.224/27

Cloudfare's current IP ranges. All MDM requests will go through Amazon Web Services (AWS).

46.4.54.150

Used to distribute macOS packages.

URLs

Apple software, including iOS, macOS, and iTunes, uses different ports and servers to connect to various services. iTunes for Windows also installs some processes that run in the background when the software is open. To avoid app installation issues, make sure to whitelist the URLs in the following article from Apple's support website: https://support.apple.com/HT201999

In addition to whitelisting the URLs used by Apple, ensure the following URLs are also whitelisted:

URL

Description

schoolname.jamfcloud.com/api

Ensures scripting works properly.

*.jamfcloud.com

The *.jamfcloud.com address must be whitelisted with a " * " wildcard because several different addresses are used for different services.

Related Information

For related information on TCP and UDP ports used by Apple, see the following article from Apple's support website: https://support.apple.com/HT202944


Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.