locked
How to manage VPN clients in SCCM 2012 RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    In my environment, I have multiple clients over VPN in multiple sites, 

    now I have problem, I how can I manage those clients for VPN, coz n CM 2012 I have to give boundary group and n boundary group  have to give the site server references, and I have only one IP subnet in whole environment, but from that subnet, some clients are from A site, B site and C site, now can you tell me how to manage them, 

    How to configure DP for them??

    How they can get correct MP?  

    Sharad Singh | My blogs: SharadTech | Twitter: @SinghSharaad | | Please remember to click “Mark as Answer” on the post that helps you.This can be beneficial to other community members reading the thread.

    Sunday, December 15, 2013 9:07 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    There are not many options then. Add that subnet as a slow boundary/group and configure all deployments accordingly. Add the DP that has got the best connection.

    Torsten Meringer | http://www.mssccmfaq.de

    • Marked as answer by Juke Chou Tuesday, December 24, 2013 3:13 PM
    Monday, December 16, 2013 8:20 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    if you want to treat different clients in different ways, you might need to consider having different IP NAT pools for each "region". It's a little difficult to suggest, without knowing a lot more about your network, and why it is setup the way you have. And, there are a lot of things to consider.

    If you have DPs scattered around the world, with a VPN PoP near some DPs, then your VPN solution might need some re-configuration, to direct the initiating client to a particular NAT pool, and you could create a suitable CM boundary for that IP range of that NAT pool.

    Don
    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
    This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

    • Marked as answer by Juke Chou Tuesday, December 24, 2013 3:13 PM
    Monday, December 16, 2013 9:41 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Can you expand upon and explain "I have only one IP subnet in whole environment"?

    How is that possible?

    Jason | http://blog.configmgrftw.com

    Sunday, December 15, 2013 10:27 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Jason, 

    I have only one IP subnet means I have only one IP subnet for VPN clients n all environment, all clients from all sites which are connecting with VPN they will fall on that VPN IP subnet.

    other than  have LAN/WAN link for all sites, which I have already configured according to Sites/DP and there s no problem, every thing is working fine.

    but for VPN i have only one network which is worldwide, and that network used by all sites, this is the problem, How can I manage that network, and where should I add for boundary/DP for site references??? 

    Sharad Singh | My blogs: SharadTech | Twitter: @SinghSharaad | | Please remember to click “Mark as Answer” on the post that helps you.This can be beneficial to other community members reading the thread.

    Monday, December 16, 2013 3:35 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    There are not many options then. Add that subnet as a slow boundary/group and configure all deployments accordingly. Add the DP that has got the best connection.

    Torsten Meringer | http://www.mssccmfaq.de

    • Marked as answer by Juke Chou Tuesday, December 24, 2013 3:13 PM
    Monday, December 16, 2013 8:20 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    if you want to treat different clients in different ways, you might need to consider having different IP NAT pools for each "region". It's a little difficult to suggest, without knowing a lot more about your network, and why it is setup the way you have. And, there are a lot of things to consider.

    If you have DPs scattered around the world, with a VPN PoP near some DPs, then your VPN solution might need some re-configuration, to direct the initiating client to a particular NAT pool, and you could create a suitable CM boundary for that IP range of that NAT pool.

    Don
    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
    This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

    • Marked as answer by Juke Chou Tuesday, December 24, 2013 3:13 PM
    Monday, December 16, 2013 9:41 AM