Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Apple devices failed to connect to Local Communication Server (LCS) after upgrading to Mobile Security (TMMS) for Enterprise 9.1

    • Updated:
    • 30 Apr 2015
    • Product/Version:
    • Mobile Security for Enterprise 9.0
    • Mobile Security for Enterprise 9.1
    • Mobile Security for Enterprise 9.2
    • Platform:
    • iOS 8.0+
    • iOS 8.1
Summary

After upgrading to Mobile Security (TMMS) for Enterprise 9.1, you cannot connect iOS devices to Local Communication Server (LCS) with "Error [Return] RC=1004" and "Error [Return] RC=1005". Moreover, ports 2195, 2196, and 5223 are allowed in Firewall both ways.

Details
Public

Unsuccessful enrollment of your device to TMMS server might be due to incorrect configurations of the enrollment settings and Communication Server settings. To ensure that your device can successfully connect to LCS, do any of the following:

  • Disable Simple Certificate Enrollment Protocol (SCEP) Settings

    1. Open the TMMS console.
    2. Go to Administration > Communication Server Settings > iOS settings > SCEP Settings.
    3. On the Simple Certificate Enrollment Protocol (SCEP) Settings window, uncheck the Enable SCEP checkbox.

    SCEP works with certificate authority to handle issuance and revocation of digital certificates in large enterprises. In TMMS 8.0, it is required to enable SCEP. However, it is now optional to have this enabled in TMMS 9.0 or above versions. Certificate issues might be the cause of the connection issues.

  • Check the Communication Server Settings

    Sometimes, iOS mobile device agents are unable to enroll to the TMMS server when the SCEP server uses IPv6 numeric address to enroll IOS mobile devices. To modify this configuration:

    1. Open the TMMS console.
    2. Go to Administration > Communication Server Settings > Common Settings.
    3. Use IPv4 address, which is the default configuration, instead of hostname or FQDN to avoid the communication server to use IPv6 address.

  • Make sure that your device has a “Healthy” status. At first, it will be “Out of sync”.

    This is beyond Trend Micro’s control. The device needs time to sync as the process is long.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Upgrade; Register
Solution Id:
1108376
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.