SCCM Client Push over VPN

Question

HI Anoop/Team,

Hope everyone is being safe and healthy !!

Need someone’s practical experience in finding out can we push SCCM client over VPN connected machine VIA client push? We are currently working on 1909 upgrade project and as per one of the senior members, the SCCM client push is not going to happen over VPN-connected clients as they won’t be able to talk over port 80.

As per my experience for client push, we need the following condition to be true:

we need to configure client push account.

That client push account has to be domain admin of the machine we are trying to push the client into

We could resolve the machine into its IP address from the Site server

Am I missing anything and could we push and successfully SCCM client over   VPN like over LAN?

Regards,

Arvind Dubey

 

Answers ( 8 )

    1
    2021-03-05T19:04:34+05:30

    Adding to anoop’s answer you can define a custom port for client communciation and use that one.

      0
      2021-03-06T12:24:56+05:30

      Hi Ankit,

      Thanks a bunch for your time and reply !!

      Just need one further assistance could I talk to my network team and request them to allow the client communication using the same port over VPN like we use in LAN or help in creating a custom port as you mentioned and ask them to route the client push traffic over that port on VPN?

      Regards,
      Arvind Dubey

        0
        2021-03-06T17:02:16+05:30

        You can use the same port which you use it for LAN and if there are any security concerns over port 80 then you can define custom port for LAN and VPN both.

        Best answer
          0
          2021-03-10T21:40:06+05:30

          HI Ankit,

          Thanks a bunch for clearing it up and making this concept crystal clear :).

          Hope to have your assistance in the coming time too with other queries.

          Regards,
          Arvind Dubey

    0
    2021-03-04T19:34:26+05:30

    Hello – Client push and everything is possible through VPN if you can convince your network team and security team to open up ports required (also when you have appropriate permissions on the client machine).

    I have explained end to end scenario and Live demo (and some troubleshooting)

    https://www.anoopcnair.com/install-configmgr-client-using-client-push-installation-method-sccm/

    Helpful?

      0
      2021-03-06T12:23:24+05:30

      HI Anoop,

      Thanks for the beautiful and elaborate tutorial that’s extremely helpful and informative.

      Just need one further assistance could I talk to my network team and request them to allow the client communication using the same port over VPN like we use in LAN or help in creating a custom port like Ankit mentioned and ask them to route the client push traffic over that port on VPN?

      Regards,
      Arvind Dubey

      • Hey – Yes you should follow the LAN ports (default ports).

        Of course you can look for custom ports that might be more work for sccm team rather than network team

          0
          2021-03-10T21:41:23+05:30

          HI Anoop,

          Thanks a bunch to you and Ankit for clearing my queries 🙂

          My sincere thanks for your time and assistance in clearing this up.

          Hope to have your assistance in the coming time too with other queries.

          Regards,
          Arvind Dubey

Leave an answer

Sorry, you do not have permission to answer to this question .