Network Ports used by MDS
MDS uses network ports for various communications. In order for certain features to function, the network ports shown below must be accessible.
| Service | Protocol | Port(s) | TLS? | Notes |
| MicroMDM | TCP | 80,8443 | Configurable | Port 80 is only used to enforce a redirect from 80 -> 8443 on the web server |
| Serve Images over HTTP | TCP | 8888 | No | Static webserver for mounting images from recovery. Content is served via HTTP due to lack of HTTPS support in macOS Recovery. |
| Munki | TCP | 4443 | Configurable | Used by Munki clients to contact Munki Server hosted by MDS. |
| Imagr Remote Logging | TCP | 8080 | No | Used by Imagr when running workflows to post status back to MDS on workflow progress. |
Outbound Connections
All outbound connections are on port 443 unless alternate port is specified below.
| MDS Software Update Check | https://twocanoes-app-resources.s3.amazonaws.com |
| Apple support | https://support.apple.com/en-us/HT202944 https://identity.apple.com/ |
| In-App links for help | https://twocanoes.com/ |
| Open Source Project Links | https://github.com https://micromdm.io https://www.munki.org https://labs.amplifiedit.com/Centipede/ |
| MicroMDM | MicroMDM makes a number of outgoing connections to Apple services, including mdmenrollment.apple.com and the APNS(push notification) service. These outgoing connections require an outbound connections on port 443. |
| Software Update for Open Source Projects | https://api.github.com |
| macOS Software Updates for Download macOS | https://swscan.apple.com |