We are using Split tunneling and want to force vpn client to download data from Microsoft

Question

Hi Team,

We are using split tunneling and already whitelist Microsoft update IP address/website in ASA-firewall.

Our client still downloading from on-perm Distribution point not from the Microsoft.

NOTE: This software Update group already downloaded and distribute to DP but now i want our VPN client will not download data from DP but from Microsoft.

 

 

ContentTransferlog - How To Manage Devices Community Forum - Welcome to the world of Device Management! This is community build by Device Management Admins for Device Management Admins❤️ Ask your questions!! We are here to help you! - We are using Split tunneling and want to force vpn client to download data from MicrosoftDownloading Settingfor SW UP Group - How To Manage Devices Community Forum - Welcome to the world of Device Management! This is community build by Device Management Admins for Device Management Admins❤️ Ask your questions!! We are here to help you! - We are using Split tunneling and want to force vpn client to download data from Microsoft

solved 0
Virender Rawat 5 months 4 Answers 108 views Beginner 0

Answers ( 4 )

  1. I guess what is happening – since the SUG package content already replicated to DP and VPN boundaries are configured, as expected the VPN machines are contacting DP for content.

    May be you can remove the content from DP and initiate deployment with the setting checked to go to MS if content not available in DP

  2. Hello – Do you already have a boundary group defined for vpn clients?

    The DP in the screenshot is part of that boundary group assignment.

    Can you test this whether the whitelisting or spilt tunnelling is working by remove that content from the DP?

    Also, can you try to create a software update deployment without any software update package ?

    I have explained in the following post https://howtomanagedevices.com/sccm/1603/sccm-config-to-help-to-reduce-vpn/

    Does that helpful

    • Thanks for guidance.
      Now, i am in situation where i need to remove this April 2020 software updates from existing package Year-2020.
      is there a way we can remove content from Package without removing entire package from DP.

      • Can you spilt the boundary group for test devices and don’t add DP into the boundary group setting … does that work ? I never tested this but its bit daisy

        Other option is remove that deployment from that collection and initiate another deployment with no package ? What you think ?

        Best answer

Leave an answer

Sorry, you do not have a permission to answer to this question .