What are the firewall exceptions that I need to configure in order to use Knox Manage?

In order to implement Knox Manage and Knox Remote Support in your enterprise deployment, you must configure the following URLs and port exceptions for the network of your device fleet.

Knox Manage exceptions

Device fleet contains URL Ports
All * 443 or 80
Android devices 443, 5228, 5229, 5230
Android devices on isolated network1 443 or 80
iOS devices 2195 2196
Windows devices * 443

1 An isolated network is a network that is separate from your enterprise IT network.

Knox Remote Support exceptions

Region Server Domain IP address Port Connection
Asia Relay ap‑rs‑ 45001 Mobile
WAS ap‑rs‑ - 443 Desktop
US Relay us‑rs‑ 45001 Mobile
WAS us‑rs‑ - 443 Desktop
EU Relay eu‑rs‑ 45001 Mobile
WAS eu‑rs‑ - 443 Desktop

For more information on the requirements for Knox Remote Support, see Knox Remote Support minimum requirements.