Thanks for the reply, i have gone through the list of question and answer then to reflect my configurations, hopefully we can get this sorted.
My setup is as followings
Reverse Proxy(URL Rewrite) in the DMZ, and the MDM,SMP in the Prod Network.
Are you using a valid APNS Bundle Identifier in the format com.apple.mgmt.* where * is whatever you like? For example, com.apple.mgmt.emilio-test?
When i Completed the export i did use a proper Format of com.apple.mgmt.*****. But it does not have the provate key as it was not exported with the key.
But i think i will have to use a macbook to export the certificate and the export the private key from the keychain( would this be my issue?)
It sounds like enrollment worked, but commands don't work. Enrollment uses SCEP via NDES while commands are going to use APNS. This points to an issue with APNS.
When i Enroll the Device to the MDM, i can see the Our CA is issue a Certificate to the device.
This could also be an issue with networking. Can the MMS SS communicate to gateway.sandbox.push.apple.com on ports 2195 and 2196? Can the iPad?
Both Server the Reverse Proxy ( in the DMZ) and the MDM and SMP server ( ont he same box) can communicate to the over those to ports (Via Telnet). With the IPAD shouldnt they be already communicating via those ports. as it is using a 3G network.
Did you properly set the override settings for the MMS SS, and are you using HTTPS? If you set it to use port 443, can a computer on the iPad's network reach the MMS SS on port 443 (telnet mms.company.com 443)?
I can access the the https://XXX.company.com.au/mobileenrollement/*******(all pages). I can also telnet the FQDN over 443. the override is set to the outside FQDN and is selected to use 443
Since you're using SSL (you must use SSL for iOS 5 devices), is the certificate you installed on the MMS SS signed by an external authority (e.g. GoDaddy)? Does the FQDN (e.g. mms.company.com) resolve properly to the externally-assigned IP address?
We do have a SSL certificate on the Reverse Proxy in the DMZ, and the FQDN can resolve our Public IP address.
I think maybe the issue is the APNS certificate not being export correctly.
Thanks