Check Customize HTTP port number and enter a new port number. If you are using a non-default port number for either the HTTP or HTTPS protocol for this server, do one of the following tasks:. In the Add Management Server dialog box, in the Server address text field, type the external IP address of the NAT device. To add a server, click Add > New Server. If you require verification of a certificate with a trusted third-party certificate authority, check Verify certificate when using HTTPS protocol. Use this option if you want management servers to communicate by using HTTPS and if the server is running Secure Sockets Layer (SSL). To specify which communication protocol to use between the management servers and the clients, select one of the following options:. In the Management Server Lists dialog box, in the Name text field, type a name for the management server list and an optional description. Under Tasks, click Add a Management Server List. In the Policies page, under View Policies, click Policy Components > Management Server Lists. In the Add Group for group name dialog box, type the group name and a description. On the Clients tab, under Tasks, click Add Group. Under View Clients, select the group to which you want to add a new subgroup. 
Task 1: Add a client group for the clients in the remote location We recommended you switch communication between SEPM and clients to https communication.Copy sylink.xml of the client group to existing clients or export client install package for the group, deploy it to the computers.Configure the NAT device to redirect traffic arriving on its external IP address and the port specified in task 2 to SEPM's internal IP address and the same port.Change communication mode to pull mode and set the heartbeat interval appropriately. Assign the management server list to the client group.Add a management server list with the external IP address of the NAT device, the port SEPM uses for client communication.
Add a client group for the clients in the remote location.This document explains how to achieve this without a site-to-site VPN tunnel. However, site-to-site VPN tunnel may not always be possible and sometimes, the risk of passing SEP traffic through external network may be acceptable. It allows the SEP clients to be managed like any other clients on the internal network.
Establishing a site-to-site VPN tunnel is the best option.
0 kommentar(er)
