IT is often called in and expected to produce results when only vague or partial information is presented. This is especially so when integrating commercial software.
We were looking to implement SAP SUP (Sybase Unwired Platform). Part of it – for mobile device management for iOS devices – requires an Afaria server to communicate with the Apple Push Notification Service, gateway.push.apple.com, port 2195; and feedback.push.apple.com, port 2196.
Whatever software it is that’s running on Afaria, it’s not well-behaved insofar as it does not support proxy access. That means it expects to be on the Internet and be able to initiate these communication channels unencumbered.
Since I consider that to be a security risk I looked for a way to mediate this communication over a proxy server anyways, even though it wasn’t supposed to work.
Yes, we did get it to work, but not exactly in the way we expected.
We built TCP tunnels on the proxy.
To be continued…