question

RahulSapke-7756 avatar image
0 Votes"
RahulSapke-7756 asked Jason-MSFT commented

Setting up SCCM with SSL and IBCM

I am trying to setup ConfigMgr with SSL for intranet based clients and IBCM for internet based client.

Can these two requirements be achieved in one site server?

I already have one primary site server running with SCCM CB 1910 with two different DP locations. But too many R&D took place on it. Hence we are hesitant to go ahead with same infrastructure.

Please guide.

mem-cm-site-deployment
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Jason-MSFT avatar image
0 Votes"
Jason-MSFT answered Jason-MSFT commented

Can these two requirements be achieved in one site server?

Yes, although the question is a little bit ambiguous. There are a lot of possibilities ultimately depending on the environment and operational requirements.

Is there a reason you don't just enable a Cloud Management Gateway? This involves no added infrastructure and very little configuration change.



· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you Jason. We are looking to control the cost involved in CMG. We have three different locations where in for one location we use SCCM for Desktop in India and for remaining two sites we use WSUS with proxy server for laptop. These laptop direct connect to the proxy and fetch the WSUS server location and download the metadata and update themselves over the internet. We want to bring everything under SCCM for patch management/application deployment/OS deployment. And hence IBCM is needed.

And as per my understanding client will automatically decide whether they are on Internet or Intranet.

I want to have three site configured. How exactly I should plane this infrastructure? I want to keep India site as primary site. Do I need to make it as CAS or primary would be suffice?

0 Votes 0 ·

Thank you Jason. We are looking to control the cost involved in CMG

Using a CMG is far cheaper and more affordable than most people think and far cheaper in terms of actual cost as well as effort and security than anything you could do yourself.

See https://www.deploymentresearch.com/real-world-costs-for-using-a-cloud-management-gateway-cmg-with-configmgr/#:~:text=The%20CMG%20Platform%20as%20a%20Service%20%28PaaS%29%20is,devices%20or%205000%20you%20will%20pay%20that%20fee. for example real-world costs.

And as per my understanding client will automatically decide whether they are on Internet or Intranet.

This is correct.

As for your infrastructure, that depends on many things not in evidence, but definitely no CAS. Also, as noted, definitely deploy a CMG for Internet based client management.



0 Votes 0 ·
AllenLiu-MSFT avatar image
0 Votes"
AllenLiu-MSFT answered RahulSapke-7756 commented

Hi, @RahulSapke-7756
Thank you for posting in Microsoft Q&A forum.
Agree with Jason's reply and suggestion that use CMG could be a better choice.
What I want to add is SCCM CB 1910 has ended support on May 29, 2021, it's recommended to upgrade to the latest available version SCCM CB 2103 ASAP.
https://docs.microsoft.com/en-us/mem/configmgr/core/servers/manage/updates#supported-versions


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Yes, soon we will setup it. thank you.

0 Votes 0 ·