Skip to main content
MDM Intune
MDM Intune
New Member
May 4, 2026
Question

Dedicated Mobile APN - Android Enterprise Corporate-owned dedicated devices

  • May 4, 2026
  • 2 replies
  • 82 views

Hello,

We have set up at our MDM solution(Microsoft Intune) a Corporate-owned dedicated profile and configured it to use only specific Mobile APN. We want to allow access from this APN to Google Enterprise Destinations Hosts. I found the below article, Android Enterprise Network Requirements - Android Enterprise Help.

However the Network Team which manages this APN, requires IPs instead of host names(FQDN). Then, I read the end of the article which says “If you need to allow traffic based on IP, you should allow your firewall to accept outgoing connections to all addresses contained in the IP blocks listed in Google's ASN of 15169 listed here.”

I have 2 questions: 

  1. Are all these IPs(some not Google as per description) needed;
  2. Do the ports remain the same, TCP 443, TCP,UDP 5228-5230
  3. What about time.google.com which requires UDP 123;

I understand that these IPs are not static and may be changed.

 

Thank you.

 

2 replies

Michel
Michel
Level 4.0: Ice cream sandwich
May 5, 2026

Since the IP address list isn’t showing with URL belongs to what IP there is no way to say which one you need and wich one you could miss. In your first URL you see clearly what functions are available if you allow URL x or y and you can decide upon that one.

 

The ports will most likely not change, just the addresses. 

    ThomasH
    ThomasH
    Level 1.5: Cupcake
    May 7, 2026

    Hi,

    We have the same request. We are trying to use a private APN on our mobile devices, but we are experiencing issues reaching Google and Samsung servers (Android Enterprise, device updates, etc.).

    Since devices normally have full internet access by default, should this configuration work as expected, or are additional settings/rules required on the APN side?

    Terms & ConditionsAccessibility statement