SMS 2003 - Clients in DMZ access through Firewall

From: "Herbert Peißl" <HerbertPeil@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 22 Jun 2005 11:04:04 -0700

Hi,
I want to connect our WinXP homeoffice (Workgroup pc's) to sms 2003 Sp1.

The XP Clients directly connect through an VPN Tunnel to the DMZ. The SMS
Primary Siteserver SMS 2003 Sp1 is in the private network with a W2k Domain
(AD and DNS).
How can I solve this?

1. I want to distribute software to the clients?
2. Inventory should function
3. and i want to use remote control or remote Assitance.

Some ideas:
The clients are in an workgroup, so i have to use the advanced SMS Client
(SMS2003 Sp1 supports only advanced clients)

Do I need a secondary Site or another primary site?
Where should be the 2nd Site DMZ or Privat network?
Where should be the MP; DP for this clients?

Please help

Thank you

Herbert

.

Follow-Ups:
- Re: SMS 2003 - Clients in DMZ access through Firewall
  - From: Kim Oppalfens

Prev by Date: Re: Description of SQL tables.
Next by Date: MP is not responding to HTTP requests
Previous by thread: Simulate SMS2K3 access across hardware firewall
Next by thread: Re: SMS 2003 - Clients in DMZ access through Firewall
Index(es):
- Date
- Thread

Relevant Pages

SMS 2003 and firewall
... We use SMS 2003 SP1, Advanced Security with SMS schema extensions. ... wan't to use sms package distribution to advanced clients over a VPN. ... The Windows XP Clients connect to our company to a DMZ. ...
(microsoft.public.sms.swdist)
Re: SPI on Advance client first
... This used to be the case in the sms 2.0 days when clients autoupgraded, ... You can upgrade or replace all clients that have supported operating ... systems to the SMS 2003 SP1 Advanced Client before you upgrade the site ...
(microsoft.public.sms.admin)
Re: SPI on Advance client first
... > This used to be the case in the sms 2.0 days when clients autoupgraded, ... > systems to the SMS 2003 SP1 Advanced Client before you upgrade the site ...
(microsoft.public.sms.admin)
Re: Secondary Sites
... you cannot assign clients to them. ... Check out the SMS Technical FAQ: ... Can the advanced client talk to the existing primary site server if ... You mention that you have a child domain within your LAN. ...
(microsoft.public.sms.setup)
Re: SMS 2003 - Clients in DMZ access through Firewall
... created a new forest with a ONE WAY trust to our exsisting PROD domain SMS ... The XP Clients directly connect through an VPN Tunnel to the DMZ. ... opening up just one port, and that is TCP port 80 by default. ...
(microsoft.public.sms.admin)