ConfigMgr Intranet Clients can Use CMG Software Update Point SCCM

4
ConfigMgr Intranet Clients can Use CMG Software Update Point

ConfigMgr 2006 introduced a new option to help remote worker scenarios. I have explained how to optimize ConfigMgr infrastructure for remote workers. Let’s see how to enable access for ConfigMgr Intranet Clients can Use CMG Software Update Point.

Introduction

From the 2006 version onwards, the ConfigMgr intranet clients can access CMG software update point. The CMG SUP should be assigned to a boundary group.

The ConfigMgr Intranet Clients can use the CMG Software Update Point option as another option to help and enable the remote workers scenarios. Microsoft introduced a new set of ConfigMgr Management Insights called Optimize for Remote Workers.

  • When an internet machine connects to the VPN, it will continue scanning against the CMG software update point over the internet.
  • If the only software update point for the boundary group is the CMG software update point, then all intranet and internet devices will scan against it.

Allow Configuration Manager Cloud Management Gateway traffic

Let’s enable the option to allow SCCM CMG traffic for intranet client devices connected through a VPN.

  • Navigate to \Administration\Overview\Site Configuration\Servers and Site System Roles
  • Click on the site system server where you have installed Software Update Point
ConfigMgr Intranet Clients can Use CMG Software Update Point SCCM
ConfigMgr Intranet Clients can Use CMG Software Update Point SCCM
  • Right-click on Software Update Point site system role
  • Select Properties options
ConfigMgr Intranet Clients can Use CMG Software Update Point SCCM
ConfigMgr Intranet Clients can Use CMG Software Update Point SCCM
  • On the General Tab (ConfigMgr 2006 onwards)
  • Select the option called “Allow Configuration Manager Cloud Management Gateway traffic
  • Click OK
ConfigMgr Intranet Clients can Use CMG Software Update Point SCCM
ConfigMgr Intranet Clients can Use CMG Software Update Point SCCM

Boundary Group

Make sure you have added the CMG Software Update Point to the Boundary group to make sure the VPN clients will receive the details of CMG server.

ConfigMgr Intranet Clients can Use CMG Software Update Point SCCM
ConfigMgr Intranet Clients can Use CMG Software Update Point SCCM

Logs

Client-side validation can be done using locationservices.log. Make sure you have CMG related entry in the log file to confirm the changes at the client side.

Resources

4 COMMENTS

  1. I have different VPN connections from different geographical locations. Also different Secondary sites. Do i have to allow network access between VPN network and server network to get information about CMG point.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.