09-11-2014 10:46 AM
I'm trying to provide access to our Kindle devices to the Amazon Appstore before authenticating on our captive portal network. I've found very little and I've attached an android device and tried to check the datapath session table but the kindle was trying to reach a lot of destinations.
Here are networks I was allowing:
I was allowing ports 80 and 443 and not seeing any denies to these address when checking.
Thanks in advance,
09-11-2014 10:52 AM
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
09-11-2014 01:01 PM
I did a pcap and used ClearSight Analyzer to read it and produce host names where applicable and was able to get the amazon appstore to load and browse apps but not download apps. The NAT addresses looked like they were going to an akamai server and several other IPs that changed each time I tried to redownload an app or download a different app.
Any other thoughts? I am so close!
09-11-2014 09:29 PM
Ive seen multiple devices go to different destinations and its also different by reagion. Here is the complete list of the ones that I have seen.
Kindle Fire CNA
Google Play (aka Android Market)
android.clients.google.com - google play access
.ggpht.com - download app from google play store
Additional (these resolved IPs may not match your local environment):
android.clients.google.com - 220.127.116.11, 18.104.22.168~135, 137, 142
googleusercontent.com - 22.214.171.124~140, 126.96.36.199~44
gstatic.com - 188.8.131.52
accounts.google.com - 184.108.40.206
clients1.google.com - 220.127.116.11~9,14
www.google-analytics.com - 18.104.22.168
i.ytimg.com - 22.214.171.124~41, 46
lh6.ggpht.com - 126.96.36.199~44
--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.
09-12-2014 05:31 AM
For amazon I've added:
But ultimately I'm just putting a local copy of the APK that they'll need to download becuase what a pain!