An Apple iPad is connecting to a wireless access point, which goes through an IPsec VPN tunnel pointed to the Cloud
SSL intercept is enabled.
The custom-built application installs, but when it runs, it fails to complete installation routine.
The following errors are returned:
Feb 12 14:02:54 <device_name> online-auth-agent <Error>: PPQ server trust evaluation failure: 5
Feb 12 14:02:54 <device_name> online-auth-agent <Notice>: Server returned no data
Feb 12 14:02:54 <device_name> online-auth-agent <Notice>: Could not complete online authentication
The iPad device is attempting to connect to ppq.apple.com
Access logs show ssl_failure
A packet capture was taken and shows that the iOS device FINs the connection from the proxy when the Cloud certificate is passed to the device. This is an indication that the device received a certificate it was not expecting and terminated/aborted the connection.
Login to the portal and in Solutions mode > Threat Protection > Policy > Trusted Destinations > Trusted Domains URLs > Add Trusted Domains/URLs: ppq.apple.com . Click on the
NOTE: You may need to put in the IP address for ppq.apple.com into the
Trusted Destination IPs/Subnets. As of this writing, ppq.apple.com resolves to 22.214.171.124 and may change at any time.
Imported Document ID: 000030488
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.