Hello @ all, one of my customer uses a Juniper SSL VPN gateway to connect the client systems to the company LAN from the home office for example. Currently I am testing and if the client is connected via SSL VPN to the company network via Internet, the connection to the SCCM MP is established and the URL http://MP-server-name:portnumber/sms_mp/.sms_aut?MPcert is reachable, but no advertisements will starting on the client. Does anybody know if its possible to use SCCM over SSL VPN without using native mode ? Can anybody help me or point me into the right direction ? Thanks Tom

Yes, you can use SSL VPN. I have done it in 3 different companies. As long as the VPN Ip Range is hooked to a boundary then they will pull from that DP. If it is just a list of IP then SCCM doesn't know how to treat it. Look in location services. See what AD group it thinks it is and what DP it can or can't see.http://www.sccm-tools.com http://sms-hints-tricks.blogspot.com

It should work. Check execmgr.log and cas.log to see if maybe it's just not finding the content becuase it's not in a boundary. John Marcum | http://myitforum.com/cs2/blogs/jmarcum/|

Thanks for your response. I spoke to the Remote Access and he told me that when the client connects via SSL VPN to the company LAN, it gets no separate IP Adress, only the ports 80 and 443 will be opened to the sccm server. For testing pusposes I have added 192.168.0.0 to the boundaries, but the client still shows "Currently Internet". Any ideas ?

So your VPN simply opens the ports. Normally they are assigned an ip address on the internal network. If you have a RAS or something. I would look on the VPN box at the traffic coming through to see what the ip range is. If they are talking to a RAS box then also make sure that RAS box has pass through to talk to the MPs. What does the LocationServices log say is the AD boundary for the client when connected via VPN?http://www.sccm-tools.com http://sms-hints-tricks.blogspot.com

What ports is you WSUS server using 8530? If so you can't do SU using the SSL VPN until 8530 is opened.http://www.enhansoft.com/

the client communicates with the ip adress of the RAS box (Juniper) with the sccm server. I have added this IP and Subnet to the boundaries. The AD Site is not used to define the boundaries. Something is confusing me. I have added the IP range 192.168.0.0 to the boundaries and when the client gets the local ip 192.168.0.90, the client connections status is still "Currently Internet". Here is the "snippet" from LocationServices.log <![LOG[Failed to resolve 'SMS_SLP' to IP address from WINS]LOG]!><time="14:42:29.033+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2624" file="lswins.cpp:324"> <![LOG[LSGetSLP : Failed to resolve SLP from WINS, is it published]LOG]!><time="14:42:29.033+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2624" file="lsad.cpp:2277"> <![LOG[LSGetManagementPointForSiteFromSLP : Unable to get the list of SLPs]LOG]!><time="14:42:29.033+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2624" file="lsad.cpp:3010"> <![LOG[Failed to retrieve Default Management Point from SLP]LOG]!><time="14:42:29.033+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2624" file="lsad.cpp:2619"> <![LOG[Attempting to retrieve default management point from WINS]LOG]!><time="14:42:29.048+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:2652"> <![LOG[Attempting to retrieve NLB default management point from WINS]LOG]!><time="14:42:29.048+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:2658"> <![LOG[LSWinsResolveSMSName]LOG]!><time="14:42:29.064+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lswins.cpp:280"> <![LOG[Failed to resolve 'NLB_FT2' to IP address from WINS]LOG]!><time="14:42:38.158+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2624" file="lswins.cpp:324"> <![LOG[No NLB default management point is present, attempting to resolve default management point from WINS]LOG]!><time="14:42:38.158+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:2664"> <![LOG[LSWinsResolveSMSName]LOG]!><time="14:42:38.158+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lswins.cpp:280"> <![LOG[Failed to resolve 'MP_FT2' to IP address from WINS]LOG]!><time="14:42:47.189+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2624" file="lswins.cpp:324"> <![LOG[Failed to retrieve default MP through WINS.]LOG]!><time="14:42:47.190+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2624" file="lsad.cpp:2674"> <![LOG[Failed to retrieve AMP for site code 'FT2' with error (0x80004005). Nulling existing entry in WMI]LOG]!><time="14:42:47.190+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:3883"> <![LOG[LSUpdateHomeMPInWMI]LOG]!><time="14:42:47.190+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1365"> <![LOG[LSGetSiteCodeFromWMI]LOG]!><time="14:42:47.190+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1324"> <![LOG[LSGetSiteCodeFromWMI : Site code returned from WMI is <FT2>]LOG]!><time="14:42:47.266+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1330"> <![LOG[Persisted Default Management Point Location locally]LOG]!><time="14:42:47.617+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:3891"> <![LOG[LSRefreshInternetMode]LOG]!><time="14:42:47.617+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:4450"> <![LOG[LSSetProxyMPToPending]LOG]!><time="14:42:48.373+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsproxymp.cpp:821"> <![LOG[LSJoinedToADDomain]LOG]!><time="14:42:48.419+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:395"> <![LOG[Attempting to retrieve proxy MP from AD]LOG]!><time="14:42:48.419+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsproxymp.cpp:938"> <![LOG[LSGetProxyManagementPointFromAD]LOG]!><time="14:42:48.419+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsproxymp.cpp:241"> <![LOG[Begin checking Alternate Network Configuration]LOG]!><time="14:42:48.419+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="ccmiputil.cpp:1216"> <![LOG[Unknown task LSProxyMPModificationTask in non-quarantine - ignoring.]LOG]!><time="14:42:48.435+-120" date="04-02-2012" component="LocationServices" context="" type="2" thread="2252" file="scheduledcleanupendpoint.cpp:404"> <![LOG[Finished checking Alternate Network Configuration]LOG]!><time="14:42:48.451+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="ccmiputil.cpp:1293"> <![LOG[Adapter {79168511-1C58-4657-B155-DFC0EA8F6971} has 1 IPv4 address(es).]LOG]!><time="14:42:48.466+-120" date="04-02-2012" component="LocationServices" context="" type="2" thread="2624" file="ccmiputil.cpp:560"> <![LOG[LSGetADSiteName]LOG]!><time="14:42:48.544+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:448"> <![LOG[Unable to retrieve AD site membership]LOG]!><time="14:42:48.544+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:462"> <![LOG[LSGetSiteCodeFromWMI]LOG]!><time="14:42:48.544+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1324"> <![LOG[LSGetSiteCodeFromWMI : Site code returned from WMI is <FT2>]LOG]!><time="14:42:48.607+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1330"> <![LOG[In LSCreateProxyMpRequestBody]LOG]!><time="14:42:48.623+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsproxymputils.cpp:231"> <![LOG[LSGetSiteCodeFromWMI]LOG]!><time="14:42:48.623+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1324"> <![LOG[LSGetSiteCodeFromWMI : Site code returned from WMI is <FT2>]LOG]!><time="14:42:48.638+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1330"> <![LOG[LSGetADSiteName]LOG]!><time="14:42:48.638+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:448"> <![LOG[Unable to retrieve AD site membership]LOG]!><time="14:42:48.638+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:462"> <![LOG[Begin checking Alternate Network Configuration]LOG]!><time="14:42:48.638+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="ccmiputil.cpp:1216"> <![LOG[Finished checking Alternate Network Configuration]LOG]!><time="14:42:48.654+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="ccmiputil.cpp:1293"> <![LOG[Adapter {79168511-1C58-4657-B155-DFC0EA8F6971} has 1 IPv4 address(es).]LOG]!><time="14:42:48.654+-120" date="04-02-2012" component="LocationServices" context="" type="2" thread="2624" file="ccmiputil.cpp:560"> <![LOG[LSRefreshLocalManagementPoint]LOG]!><time="14:42:50.279+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:3762"> <![LOG[LSGetSiteCodeFromWMI]LOG]!><time="14:42:50.279+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1324"> <![LOG[LSGetSiteCodeFromWMI : Site code returned from WMI is <FT2>]LOG]!><time="14:42:50.498+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1330"> <![LOG[LSJoinedToADDomain]LOG]!><time="14:42:50.498+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:395"> <![LOG[Attempting to retrieve local MP from AD]LOG]!><time="14:42:50.498+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:3778"> <![LOG[LSGetLocalManagementPointFromAD]LOG]!><time="14:42:50.498+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:896"> <![LOG[Begin checking Alternate Network Configuration]LOG]!><time="14:42:50.498+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="ccmiputil.cpp:1216"> <![LOG[Finished checking Alternate Network Configuration]LOG]!><time="14:42:50.623+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="ccmiputil.cpp:1293"> <![LOG[Adapter {79168511-1C58-4657-B155-DFC0EA8F6971} has 1 IPv4 address(es).]LOG]!><time="14:42:50.669+-120" date="04-02-2012" component="LocationServices" context="" type="2" thread="2624" file="ccmiputil.cpp:560"> <![LOG[LSGetADSiteName]LOG]!><time="14:42:50.966+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:448"> <![LOG[Unable to retrieve AD site membership]LOG]!><time="14:42:50.966+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:462"> <![LOG[LSUpdateLocalMPInWMI]LOG]!><time="14:42:51.044+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1502"> <![LOG[LSRefreshManagementPointList]LOG]!><time="14:42:51.357+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lssecurity.cpp:681"> <![LOG[LSGetSiteCodeFromWMI]LOG]!><time="14:42:51.357+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1324"> <![LOG[LSGetSiteCodeFromWMI : Site code returned from WMI is <FT2>]LOG]!><time="14:42:51.748+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1330"> <![LOG[Refreshing the Management Point List for site FT2]LOG]!><time="14:42:51.748+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lssecurity.cpp:694"> <![LOG[LSGetManagementPointsForSiteEx]LOG]!><time="14:42:51.779+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lssecurity.cpp:3011"> <![LOG[LSGetSiteCodeFromWMI]LOG]!><time="14:42:51.779+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1324"> <![LOG[LSGetSiteCodeFromWMI : Site code returned from WMI is <FT2>]LOG]!><time="14:42:51.794+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1330"> <![LOG[LSGetProxySiteCodeFromWMI]LOG]!><time="14:42:51.794+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsproxymp.cpp:851"> <![LOG[LSJoinedToADDomain]LOG]!><time="14:42:51.919+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:395"> <![LOG[LSGetManagementPointListForSiteFromAD]LOG]!><time="14:42:51.935+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lssecurity.cpp:2635"> <![LOG[Failed to retrieve MP certificate encryption info from AD.]LOG]!><time="14:42:51.951+-120" date="04-02-2012" component="LocationServices" context="" type="2" thread="2624" file="lssecurity.cpp:3066"> <![LOG[LSGetLocalSiteCode]LOG]!><time="14:42:52.388+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:557"> <![LOG[LSGetProxyMPFromWMI]LOG]!><time="14:42:52.623+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsproxymp.cpp:887"> <![LOG[LSGetHomeMPFromWMI]LOG]!><time="14:42:52.701+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2624" file="lsad.cpp:1438"> <![LOG[There are no management points to send the MPLIST1 request to.]LOG]!><time="14:42:53.138+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2624" file="lssecurity.cpp:3122"> <![LOG[Failed to retrieve MP List for site code 'FT2']LOG]!><time="14:42:53.138+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2624" file="lssecurity.cpp:741"> <![LOG[The 'Certificate Store' is empty in the registry, using default store name 'MY'.]LOG]!><time="14:42:53.185+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2600" file="ccmcert.cpp:204"> <![LOG[LSJoinedToADDomain]LOG]!><time="14:42:53.185+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2600" file="lsad.cpp:395"> <![LOG[LSGetSiteCodeFromWMI]LOG]!><time="14:42:53.201+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2600" file="lsad.cpp:1324"> <![LOG[LSGetSiteCodeFromWMI : Site code returned from WMI is <FT2>]LOG]!><time="14:42:53.357+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2600" file="lsad.cpp:1330"> <![LOG[Refreshing client operational settings over AD]LOG]!><time="14:42:53.357+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2600" file="lsad.cpp:4810"> <![LOG[Failed to update security settings over AD with error 0x80004005.]LOG]!><time="14:42:53.373+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="2600" file="lsad.cpp:4835"> <![LOG[Client SSL is disabled. Setting state to 0x0.]LOG]!><time="14:42:53.373+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2600" file="ccmutillib.cpp:180"> <![LOG[The 'Certificate Store' is empty in the registry, using default store name 'MY'.]LOG]!><time="14:42:53.373+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2600" file="ccmcert.cpp:204"> <![LOG[No security settings update detected.]LOG]!><time="14:42:53.419+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="2600" file="lssecurity.cpp:4340"> <![LOG[LSSendLocationRequestSync]LOG]!><time="14:43:02.935+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3156" file="lsutils.cpp:715"> <![LOG[LSCreateRequestMessageBody]LOG]!><time="14:43:02.935+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3156" file="lsutils.cpp:1066"> <![LOG[LSGetSiteCodeFromWMI]LOG]!><time="14:43:02.935+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3156" file="lsad.cpp:1324"> <![LOG[LSGetSiteCodeFromWMI : Site code returned from WMI is <FT2>]LOG]!><time="14:43:02.951+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3156" file="lsad.cpp:1330"> <![LOG[LSGetADSiteName]LOG]!><time="14:43:02.951+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3156" file="lsad.cpp:448"> <![LOG[Unable to retrieve AD site membership]LOG]!><time="14:43:02.951+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3156" file="lsad.cpp:462"> <![LOG[Begin checking Alternate Network Configuration]LOG]!><time="14:43:02.951+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3156" file="ccmiputil.cpp:1216"> <![LOG[Finished checking Alternate Network Configuration]LOG]!><time="14:43:02.966+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3156" file="ccmiputil.cpp:1293"> <![LOG[Adapter {79168511-1C58-4657-B155-DFC0EA8F6971} has 1 IPv4 address(es).]LOG]!><time="14:43:02.982+-120" date="04-02-2012" component="LocationServices" context="" type="2" thread="3156" file="ccmiputil.cpp:560"> <![LOG[ContentLocationRequest : <ContentLocationRequest SchemaVersion="1.00"><Package ID="FT2000D7" Version="*"/><AssignedSite SiteCode="FT2"/><ClientLocationInfo LocationType="SMSPackage" UseProtected="0" AllowCaching="0" BranchDPFlags="0" UseInternetDP="0" AllowHTTP="1" AllowSMB="1" AllowMulticast="1" AllowFileStreaming="0"><ADSite Name=""/><IPAddresses><IPAddress SubnetAddress="192.168.0.0" Address="192.168.0.90"/><IPAddress SubnetAddress="2001:0000:5EF5:79FB" Address="2001:0000:5EF5:79FB:081F:07A9:3F57:FFA5"/></IPAddresses></ClientLocationInfo></ContentLocationRequest> ]LOG]!><time="14:43:02.998+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3156" file="lsutils.cpp:1172"> <![LOG[Failed to send Location Request Message]LOG]!><time="14:43:03.029+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="3156" file="lsutils.cpp:801"> <![LOG[Failed to create Location Request Message body]LOG]!><time="14:43:03.029+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="3156" file="ccmpkglocation.cpp:129"> <![LOG[LSUpdateProxyMPInWMI]LOG]!><time="14:43:48.685+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="lsproxymp.cpp:736"> <![LOG[Unknown task LSProxyMPModificationTask in non-quarantine - ignoring.]LOG]!><time="14:43:48.732+-120" date="04-02-2012" component="LocationServices" context="" type="2" thread="3716" file="scheduledcleanupendpoint.cpp:404"> <![LOG[LSSendLocationRequestSync]LOG]!><time="14:44:48.873+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="lsutils.cpp:715"> <![LOG[LSCreateRequestMessageBody]LOG]!><time="14:44:48.873+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="lsutils.cpp:1066"> <![LOG[LSGetSiteCodeFromWMI]LOG]!><time="14:44:48.873+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="lsad.cpp:1324"> <![LOG[LSGetSiteCodeFromWMI : Site code returned from WMI is <FT2>]LOG]!><time="14:44:48.888+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="lsad.cpp:1330"> <![LOG[LSGetADSiteName]LOG]!><time="14:44:48.888+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="lsad.cpp:448"> <![LOG[Unable to retrieve AD site membership]LOG]!><time="14:44:48.888+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="lsad.cpp:462"> <![LOG[Begin checking Alternate Network Configuration]LOG]!><time="14:44:48.888+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="ccmiputil.cpp:1216"> <![LOG[Finished checking Alternate Network Configuration]LOG]!><time="14:44:48.904+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="ccmiputil.cpp:1293"> <![LOG[Adapter {79168511-1C58-4657-B155-DFC0EA8F6971} has 1 IPv4 address(es).]LOG]!><time="14:44:48.904+-120" date="04-02-2012" component="LocationServices" context="" type="2" thread="3884" file="ccmiputil.cpp:560"> <![LOG[ContentLocationRequest : <ContentLocationRequest SchemaVersion="1.00"><Package ID="FT2000D7" Version="*"/><AssignedSite SiteCode="FT2"/><ClientLocationInfo LocationType="SMSPackage" UseProtected="0" AllowCaching="0" BranchDPFlags="0" UseInternetDP="0" AllowHTTP="1" AllowSMB="1" AllowMulticast="1" AllowFileStreaming="0"><ADSite Name=""/><IPAddresses><IPAddress SubnetAddress="192.168.0.0" Address="192.168.0.90"/><IPAddress SubnetAddress="2001:0000:5EF5:79FB" Address="2001:0000:5EF5:79FB:081F:07A9:3F57:FFA5"/></IPAddresses></ClientLocationInfo></ContentLocationRequest> ]LOG]!><time="14:44:48.919+-120" date="04-02-2012" component="LocationServices" context="" type="1" thread="3884" file="lsutils.cpp:1172"> <![LOG[Failed to send Location Request Message]LOG]!><time="14:44:48.951+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="3884" file="lsutils.cpp:801"> <![LOG[Failed to create Location Request Message body]LOG]!><time="14:44:48.951+-120" date="04-02-2012" component="LocationServices" context="" type="3" thread="3884" file="ccmpkglocation.cpp:129"> Many thanks ! Tom

I'm pretty sure if the clients are nat'd and you can only see the address of the RAS box then you can't get this to work. You'll need to use native mode with IBCM. John Marcum | http://myitforum.com/cs2/blogs/jmarcum/|

another customer which using still SMS 2003 the same construct is working fine...thats it why a am a "little" confused.Regards, Tom

NATing is not supported. http://technet.microsoft.com/en-ca/library/dd547071.aspxhttp://www.enhansoft.com/

Hello Tom, As far as the IP Range is part of the Boundary it should work your. Secondly even if you are in Native mode please refer to the link below to see what are the features that are supported over the internet and which are not. http://technet.microsoft.com/en-us/library/bb693755.aspx Regards, AMIM MUHAMMAD KHAN | CTTCNET USER GROUP LEAD | EVENT SPEAKER, MCT, MCTS, MCITP-ENTERPRISE, MCSA http://amimkhan.wordpress.com

but the client still shows "Currently Internet". That just indicates that the client cannot reach its default MP. LocationServies.log basically tells you something similar: the client is not able to get the site version from AD or SLP. Just talk to those Juniper guys and make sure that the client can reach the MP, AD, etc: http://technet.microsoft.com/en-us/library/bb632618.aspxTorsten Meringer | http://www.mssccmfaq.de

for packages and security patches you would also need port 445

Many thanks for all replies. Now I will try to open the port 3268 LDAP to reach AD. If this will not work I will change the Infrastructure to Native Mode. Tom