Before you configure real-time push notifications

Before you configure real-time push notifications;

  • Configure, distribute, and install Email+ for iOS. \

Real time notification is supported for Email+ 2.4 0 for iOS through the most recently released version .

For information about installing Email+ for iOS, see Configuring Email+ for iOS.

  • Open port 443, for outbound only HTTPS requests, on your firewall to allow Exchange to send notifications to MobileIron CNS. The URL for the CNS server is https://cns.mobileiron.com/PROD. Alternately, you can enter the following IP addresses:
    • 13.56.49.23
    • 34.253.2.239

Ivanti strongly recommends entering the URL for the notification server, as the IP addresses for the server might change.

  • Ensure that Go Daddy is available in the Exchange trust store as a trusted certificate authority (CA). The Cloud notification service uses the Go Daddy CA.

Configuring EWS to send push notifications

These steps are applicable for both Exchange 2010 and 2013 servers.

Before you begin 

  • You must have enabled EWS on the Exchange server.

Procedure 

  1. On the Exchange server, launch IIS Manager.
  2. Go to Server > Sites > Default Web Site > EWS.
  3. EWS home authentication and authorization

  4. Verify that the Authentication and Authorization Rules roles are added to IIS.
  5. Open Authentication and Enable Basic Authentication.
  6. Open Authorization Rules and add rule to Allow for All users if it was not added automatically.

Next steps 

Configuring additional Exchange setup for identity certificates

Perform these steps only if your setup uses Tunnel and identity certificates for authentication to EWS and ActiveSync.

Procedure 

  1. On the Exchange server, launch IIS Manager.
  2. Go to Server > Sites > Default Web Site > EWS.
  3. Click on SSL Settings.
  4. Check Require SSL.
  5. For Client certificate, select Accept.
  6. In the EWS directory, click on Configuration Editor and browse to the clientCertificateMappingAuth option. Set the value for the option to True.
  7. In the EWS directory, click on Authentication and enable the Windows Authentication option. Disable all other authentication types.

Next steps