Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.13
  3. Planning and Architecture
  4. BlackBerry UEM and BEMS Planning Guide
  5. Port requirements
  6. Configuring ports
  7. Intranet connections

Intranet connections

Connections initiated by the 
BlackBerry UEM Core

To simplify administration and support certain device features, the 
BlackBerry UEM Core
 must be able to connect to your organization's intranet applications. Examples of intranet applications include 
Microsoft Active Directory
, an LDAP directory, 
Microsoft Exchange
, or an SMTP server.
Consult the documentation or support resources for your organization’s applications to identify the ports that 
BlackBerry UEM
 must be able to access.

Intranet port configurations for 
BlackBerry Proxy

On each computer that hosts 
BlackBerry Proxy
, verify that the following inbound ports are open, available, and not used by other servers or processes:
  • 17080
  • 17433
The computer that hosts 
BlackBerry Proxy
 should have at least 30,000 ports in the dynamic TCP port allocation for outbound connections to the 
BlackBerry Dynamics
 NOC (when 
Direct Connect
 is configured, these ports become inbound).
To route connections from 
BlackBerry Dynamics
 apps through a web proxy server, the proxy server must support the HTTP Connect command and must not require authentication. Your organization’s internal firewall must allow connections over port 17533. If you do not configure a web proxy server for a 
BlackBerry Proxy
 instance, your organization’s internal and external firewalls must allow connections over port 17533.
 For more information about configuring 
BlackBerry Proxy
see the Configuration content.

Connections initiated by 
BlackBerry 10
 devices

BlackBerry 10
 devices can access your organization's internal applications through 
BlackBerry UEM
 using the outbound-initiated port 3101 connection. Examples of internal applications include your organization's messaging software, or work browser access to intranet sites (HTTP/HTTPS).
Consult the documentation or support resources for your organization’s applications to identify additional ports that 
BlackBerry UEM
 must be able to access.

Access to internal data from devices

For 
iOS
Android
, and 
Windows
 devices, 
BlackBerry UEM
 sends and receives only activation and management data through the outbound-initiated port 3101 connection to the 
BlackBerry Infrastructure
 and the 443 connection to the 
BlackBerry Dynamics NOC
.
All other data, such as messaging data and data from third-party applications, require alternate inbound connections from devices directly to the application. Consult the documentation or support resources for your organization's messaging software and third-party applications to identify the ports that you must open, or investigate alternate access methods such as VPN.