How does Moki communicate with iOS devices?
Moki communicates with your iOS devices through the Apple Push Notifications channel, commonly called APNs. This is why the first thing you do is register your Moki account with APNs. Every device that enrolls with Moki then receives the APNs cert that you loaded from Apple into Moki, which authorizes Moki to communicate with your device. That way, when you send an app or a profile to the device, Apple knows that it is okay for us to do that. How we talk to the device is simple. When you send an action to a device, we send a message to Apple’s servers telling them to tell your device it has something to do; we don’t actually get to talk to the device directly. Apple then reports back to Moki whether or not it was able to deliver the message and whether the device was able to act on that message. We display the message we receive back in the Action History of the device for you to see.
What is needed for Moki to communicate with devices?
The lifeblood of any mobile device rollout is the connectivity of the device. In order for Moki to communicate with the device there are ports that should be open constantly. It is also recommended that you get a dedicated network for the devices to connect to so that they can have maximum bandwidth and accessibility.
The following domains should be allowed (open port requirements):
RULE | HOSTNAME | PORT | PURPOSE | IF IT FAILS |
1 | MokiManage.com | 443 | HTTPS | Indicator of poor network health but doesn’t mean Moki can’t run |
2 | MokiManage.appspot.com | 80 & 443 | HTTP/S | Indicator of poor network health but doesn’t mean Moki can’t run |
3 | Networkcheck.MokiMobility.com | 80 & 443 | HTTP/S | Indicator of poor network health but doesn’t mean Moki can’t run |
4 | Commondatastorage.googleapis.com | 80 & 443 | HTTP/S | Indicator of poor network health but doesn’t mean Moki can’t run |
5 | Push.apple.com (use courier.sandbox.push.apple.com as the hostname in the test) – only if you open the block mentioned above | 443, 2195, 2196 & 5223 | Push Notifications, updates to the app | Can’t send device information to MokiManage or receive updates or actions |
Note: An alternative to Rule #5 would be to open the entire gateway.push.apple.com 17.0.0.0/8 block.
How to check that these are working
Go to http://ipfingerprints.com/portscan.php and replace the IP with the HOSTNAME from the table above. Enter the port you want to test as both the Start Port and the End Port. If the port is open, you will see the word Open in green next to the port number. For example, to test rule 4, go to http://ipfingerprints.com/portscan.php, use Commondatastorage.googleapis.com for the IP and 80 as both the Start port and the End port, and hit Scan. Then retest with 443 as both the Start port and the End port. You will see a green Open next to the ports if they are both successful.
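The same check can also be run from a computer on the network the devices use, which exercises your own firewall's outbound rules. This is an added example, not Moki's own tooling: it attempts a TCP connection to each hostname and port from the table, using courier.sandbox.push.apple.com for rule 5 as the table instructs. The function names and the 3-second timeout are assumptions made for this example.

```python
import socket

# Rules 1-5 copied from the table above as "rule | hostname | ports".
# Rule 5 uses the test hostname the table gives for Push.apple.com.
RULES = """\
1 | MokiManage.com | 443
2 | MokiManage.appspot.com | 80 & 443
3 | Networkcheck.MokiMobility.com | 80 & 443
4 | Commondatastorage.googleapis.com | 80 & 443
5 | courier.sandbox.push.apple.com | 443, 2195, 2196 & 5223
"""

def parse_rules(text):
    """Expand 'rule | host | ports' lines into (rule, host, port) tuples."""
    targets = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rule, host, ports = (field.strip() for field in line.split("|")[:3])
        # Port lists are written as "80 & 443" or "443, 2195, 2196 & 5223".
        for port in ports.replace("&", ",").split(","):
            targets.append((int(rule), host, int(port)))
    return targets

def port_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # DNS failure, refusal, reset and timeout all count as "not reachable".
        return False

def check_all(targets, probe=port_open):
    """Return {(rule, host, port): bool}; probe can be swapped out in tests."""
    return {t: probe(t[1], t[2]) for t in targets}

if __name__ == "__main__":
    results = check_all(parse_rules(RULES))
    for (rule, host, port), ok in results.items():
        print(f"rule {rule}  {host}:{port:<5} {'open' if ok else 'no connection'}")
    # Per the table: rules 1-4 failing indicates poor network health; rule 5
    # failing means devices cannot receive updates or actions.
    raise SystemExit(0 if all(results.values()) else 1)
```

Run it on the same network segment as the devices; the exit status is non-zero if any connection fails.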
How frequently does Moki communicate with the device?
Moki sends a small ping to the device every hour to receive any updated information. This information is about 2-3 kb in size for the most part. Moki-enabled apps, like MokiTouch 2 or an app with the SDK embedded, also have an hourly ping that sends back information that has been captured over the last hour.