DMZ Configuration
I want to setup a central sccm site server on my internal network. I also want the internal sccm server to include the clients in the DMZ. The firewall team will only allow port 80 and 8530 between the DMZ and the internal network. What functionality for the DMZ clients can I expect? Can someone give me the list of ports required matched up to functionality? I already know if 445 isn't opened you cannot automatically install the sccm client, what other issues can I expect? Thanks.
October 11th, 2010 2:56pm

It'd be nice if you could get 443 and 8531 open too. I think your biggest challenge will be getting the clients installed. Once they are installed they should work. http://technet.microsoft.com/en-us/library/ff189805.aspx http://technet.microsoft.com/en-us/library/bb632618.aspx John Marcum | http://myitforum.com/cs2/blogs/jmarcum |
Free Windows Admin Tool Kit Click here and download it now
October 11th, 2010 3:34pm

Any other issues you can think of with SCCM's functionality? As there aren't many DMZ clients, installing the client manually won't be a problem for us. Installing manually won't be affected will it if these ports are closed? Is there any issue with software distribution? I notice software distribution mentions port 445. thanks.
October 11th, 2010 4:22pm

If your DPs are BITS enabled, then the clients will used BITS on port 80 (assuming mixed mode) instead of SMB on port 445 for content transfer so no issue there. All client communication in ConfigMgr is client pull and completely on port 80 (with BITS enabled DPs and assuming mixed mode) and whatever port you chose for your WSUS/SUP installation which can also be port 80 if you so choose.Jason | http://myitforum.com/cs2/blogs/jsandys | http://blogs.catapultsystems.com/jsandys/default.aspx | Twitter @JasonSandys
Free Windows Admin Tool Kit Click here and download it now
October 11th, 2010 6:08pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics