Introduction
This article covers the network requirements for using our services, including datajar.mobi and Jamf Auto Update.
Please note: The following information may change at any time and as such may not be complete. Additionally, the below traffic needs to be direct; this means not proxied, nor inspected or SSL decrypted.
Device network requirements for datajar.mobi
These are required for the management of Apple devices by datajar.mobi:
Source |
Destination |
Port |
dataJAR/Jamf Cloud |
*.datajar.mobi |
443 (tcp) |
Apple |
*.apple.com |
80, 443, 5223 (tcp) |
Apple |
*.cdn-apple.com |
80, 443 (tcp) |
Apple |
*.apple-cloudkit.com |
80, 443 (tcp) |
Apple |
*.mzstatic.com |
80, 443 (tcp) |
Content delivery network |
*.2o7.net |
80, 443 (tcp) |
Content delivery network |
*.akadns.net |
80, 443 (tcp) |
Content delivery network |
*.akamai.net |
80, 443 (tcp) |
Content delivery network |
*.akamaiedge.net |
80, 443 (tcp) |
Content delivery network |
*.akamaitechnologies.com |
80, 443 (tcp) |
Content delivery network |
*.edgekey.net |
80, 443 (tcp) |
Content delivery network |
*.edgesuite.net |
80, 443 (tcp) |
Content delivery network |
*.footprint.net |
80, 443 (tcp) |
Content delivery network |
*.amazonaws.com |
80, 443 (tcp) |
Content delivery network |
*.symcb.com |
80, 443 (tcp) |
Content delivery network |
*.symcd.com |
80, 443 (tcp) |
Certificate validation |
crl.entrust.net |
80 (tcp) |
Certificate validation |
crl3.digicert.com |
80 (tcp) |
Certificate validation |
crl4.digicert.com |
80 (tcp) |
Certificate validation |
ocsp.digicert.com |
80 (tcp) |
Certificate validation |
csp.entrust.net |
80 (tcp) |
Certificate validation |
ocsp.verisign.net |
80 (tcp) |
Time services |
time.apple.com |
123 (udp) |
Time services |
time-ios.apple.com |
123 (udp) |
Time services |
time-macos.apple.com |
123 (udp) |
Accelerator network requirements
If your datajar.mobi service includes an Accelerator, please ensure the following requirements are met:
Source |
Destination |
Port |
Any |
Any |
80/443 (tcp) |
Time services |
ntp.ubuntu.com |
123 (udp) |
Additionally, macOS devices managed by your datajar.mobi service will need access to your Accelerator whilst within your network to the following ports:
Source |
Destination |
Port |
macOS Devices |
Accelerator Appliance |
80/443 (tcp) |
Additional integrations for datajar.mobi
If your datajar.mobi service has one or more of additional integrations listed below, then see the below to allow inbound traffic from datajar.mobi.
This is for, (and not limited to), the following:
- LDAP/LDAPS
- Jamf Infrastructure Manager
- ADCS
- SCEP proxy
The port(s) required will depend on the additional integration itself.
Source |
Destination |
dataJAR |
185.43.40.101 |
Jamf Cloud (eu-west2) |
Network requirements for Jamf Auto Update
The following network requirements are for macOS devices utilising Jamf Auto Update.
This is in addition to the access required for the devices to be managed by your Jamf Pro instance.
Jamf Auto Update 1.3+
Source |
Destination |
Port |
Content delivery network |
auto-update-cdn.datajar.mobi |
443 (TCP) |
Content delivery network |
envquery.datajar.mobi |
443 (TCP) |
Jamf Auto Update prior to 1.3
Source |
Destination |
Port |
Content delivery network |
auto-update.datajar.mobi |
443 (TCP) |
Content delivery network |
envquery.datajar.mobi |
443 (TCP) |
Need further support?
If you still require assistance with us or have any further questions, please raise a ticket with our support team.
Alternatively, please see our frequently updated knowledge base articles for reference.