If you want to run the Unified Push Server behind a firewall, you still need to expose those RESTful endpoints that are accessed from the mobile apps running on the different devices:
With the help of the Fabric8 Gateway Servlet this is a fairly simple task!
I have created such a gateway that only exposes the above URLs, nothing else. Checkout therepository on github!
Have fun!
