...
- Your local device is not running any DNS service.
- Do not apply any firewall rules to block TCP port 443 due to the following:
- Mobile endpoint must be able to access the following using TCP port 443:
- 52.119.40.100
- 52.119.41.100
- 103.80.5.100
- 103.80.6.100
- Mobile endpoint must be able to access the following using TCP port 443:
- csp.infoblox.com
- threatdefense.infoblox.com and its subdomains
- Mobile endpoint must be able to access the following using TCP port 443:
- Do not apply any firewall rules to block UDP port 53 due to the following:
- Mobile endpoint must be able to access 52.119.40.100 and 103.80.5.100 using UDP port 53. The UDP port 53 query is used to identify (1) the public IP address of the mobile endpoint and (2) the AWS region to which mobile endpoint is connected.
- If your organization wants to restrict users from disabling the endpoint application on the mobile device, then make sure that the parameter “allowServiceControl" is set to False in the MDM application configuration.
- To make sure that devices on your network have a unique username in the Cloud Services Portal, verify the parameter “userId“ value in the MDM application configuration is properly configured and not set to the default value as per the application configuration that Infoblox provides.
- To make sure the user is not able to disable or delete the VPN configuration on the device, add the device configuration in the MDM and push it to the devices on your network. This configuration would also take care of automatically configuring VPN on the device without any need for the user to to allow it. For additional information, see information in the MDM BloxOne enrollment documentation.
...