05-15-2013 01:58 PM
Why in gods name does the new Secure Connect Service in BES10.1 require a direct connection to the Blackberry Infrastructure on port3101 and not via our existing BB Router in the DMZ.
This completely defeats the point of having the Router in the DMZ in the first place.
Unless I am missing something? Happy to be corrected.
We have installed a brand new single server with BES10.1 on it, the BDS part has the option to define the SRP connect so it connects via the Router, but I can't see anything for UDS.
I can see it trying to connect to gb.bbsecure.com:3101 directly in the firewall logs.
I'm rockin the BlackBerry Passport, Z30, Z10, Q10, BlackBerry Mini Stereo Speaker, 64 gig PlayBook, BlackBerry Wireless Headset HS-700
05-17-2013 01:56 PM
The BlackBerry Router manages the connection to the BlackBerry Infrastructure for the BlackBerry Device Service.
I dont see UDS mentioned anywhere
BESAdmin's, please make a signature with your BES environment info.
BES 12 and BES 5.0.4 with Exchange 2010 and SQL 2012 Hyper V
05-21-2013 02:26 AM - edited 05-21-2013 03:22 AM
Except if i'm wrong... according to the release note, everything should pass trough the BES Router...
What's new in BlackBerry Enterprise Service 10 version 10.1 Consolidate ports for managing iOS devices and Android devices: BlackBerry Enterprise Service 10 no longer requires you to open inbound ports in your organization's firewall to send activation and management traffic to iOS devices and Android devices. Activation and management traffic for devices takes place over outbound-initiated, bi-directional port 3101, as it does for BlackBerry 10 devices and BlackBerry PlayBook tablets.
05-22-2013 10:13 AM
I asked a blackberry support tech about this - at the moment you can't tell UDS to use a router in the DMZ it is trying with direct connection only. YOu have to use a TCP proxy to forward the data.
05-22-2013 11:09 AM
Thats not great news. Why didn't they think people wouldn't want to punch a hole in their firewall (which we aren't allowed to do directly to internal servers).
The whole reason we went Blackberry was because of the router component seperating traffic.