question

Nelome-7925 avatar image
0 Votes"
Nelome-7925 asked Nelome-7925 commented

SCCM cloud management gateway connection issue

Hi Community,

I am new to the SCCM world.

Currently we are transferring our endpoint management to internet-based management. So we upgrade our SCCM to 2103 version with all hotfix patch installed.

then we have the CMG setup in vmss set. (classic cloud is no longer support).

The problem for now is, when client PC power off and power on next day monday morning, the PC cannot connect to CMG gateway. And, when client PC use connect VPN to connect SCCM, then disconnect SCCM, the client PC can connect to CMG gateway through internet without any problem.
I dont publish CRL and disable both CRL in primary site and CMG setting. We are using internal CA and PKI has setup completely.

See below client location log.

193190-image.png


193258-image.png




Appreciate any answers here.

Tanks!

mem-cm-site-deployment
image.png (53.5 KiB)
image.png (68.1 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

kalyansundar-6796 avatar image
0 Votes"
kalyansundar-6796 answered Nelome-7925 commented

Error WPJ certificate isn't found Make sure the device is Azure AD-joined.
Use dsregcmd.exe. For example, dsregcmd /status and look at the Device State section.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,

Our environment is complicated. Our device is azure registered to different tenant.
So after few try out, I find out the major reason because that is I have to disable the CMG CRL checking and Site server CRL checking.

after that the client able to authenticate with ceritificates.

0 Votes 0 ·