Configure 2 addresses for DMZ

  • March 13, 2019
  • 4 replies
  • 16 views


Hello,

In order to set up a JSS in DMZ, do we have to have only one address accessible internally and externally?

Is it possible to have 2 different addresses to configure locally on the client computers? If one is not accessible, it tries to connect to the second one.

Thanks for your help

4 replies

burdett
  • Valued Contributor
  • 72 replies
  • March 15, 2019

Our DNS service uses BIND.
Working with our network engineers, they recommended creating a view in the BIND DNS to direct clients to the proper JSS depending on whether the client is internal or external. Windows DNS probably has the same function?


  • Author
  • Valued Contributor
  • 145 replies
  • March 25, 2019

Hello @burdett

Thank you for your reply.

I have seen with our network administrators and apparently this is not possible.

No problem, I asked if you knew a solution but I think it's up to our network technicians to find a solution.

Thanks for your help.


bradtchapman
  • Valued Contributor
  • 588 replies
  • March 25, 2019

You need two distinct Jamf servers in a cluster. One facing internal, one facing external. A DNS record internal and external with the same FQDN that matches your "Jamf URL." Also, buy a publicly-signed SSL certificate and install on both.


burdett
  • Valued Contributor
  • 72 replies
  • March 25, 2019

@glpi-ios There is a document, Installing a JSS Web Application in the DMZ.

Talk to your JAMF TAM about also purchasing the JSS Migration Service Expanded Service. A member of Jamf Services will work with you via WebEx to install the JSS in the DMZ and ensure functionality. For more information on Jamf Expanded Services, download the following PDF:
https://resources.jamf.com/documents/products/documentation/jamf-premium-services.pdf

Maybe your network technicians can direct connections to internal, external host with host firewall rules. I would recommend creating a test server pair and test your DMZ configuration before acting on your production environment.
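
The BIND view approach from burdett's first reply, combined with the single FQDN resolving differently inside and outside that bradtchapman describes, could look like the following. This is an added example, not configuration posted by anyone in the thread; the name `jss.example.com`, the ACL name, the address ranges, the two A record addresses and the zone file paths are all assumed placeholders.

```bind
// named.conf fragment (constructed example; all names, addresses and paths are placeholders)
acl "internal-nets" { 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };

// Views are evaluated in order and the first match wins,
// so the internal view must come before the catch-all external view.
view "internal" {
    match-clients { "internal-nets"; localhost; };
    recursion yes;                       // internal clients may use this server as a resolver
    zone "example.com" {
        type master;
        file "/etc/bind/zones/internal/db.example.com";
        // this zone file holds:  jss  IN  A  10.10.1.10   ; internal JSS node
    };
};

view "external" {
    match-clients { any; };
    recursion no;                        // authoritative answers only for outside clients
    zone "example.com" {
        type master;
        file "/etc/bind/zones/external/db.example.com";
        // this zone file holds:  jss  IN  A  192.0.2.10   ; DMZ JSS node (documentation address)
    };
};
```

Once any `view` is defined, every zone in the configuration has to live inside a view. Querying the name with `dig` from an internal host and from an outside host confirms that each side receives its own address for the same FQDN.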