Firewall and File Store Distribution Point

rharms
New Contributor

I've got a File Store Distribution Point set up in my firewall's DMZ for machines to hit when offsite, but I haven't been able to make it work correctly.

The logs in the JSS always show the same series of messages. It says that the package is downloading. Then it says "The network connection was interrupted while downloading the package from <distribution point>. Attempting to reconnect". Then is shows another download attempt followed by "Error: <package name> is not available on the HTTP Server." Same result no matter what package it's trying to download.

If I hook a MacBook up directly to the DMZ switch and attempt to install a package, everything works just fine. That leads me to believe I'm dealing with a firewall issue. Right now, I've got TCP ports 80, 443, 445, 137-139 open from the outside world into the DMZ distribution server. Not sure if there are more ports that need to be open or what?

If anybody has dealt with this and has some insight, I would appreciate it.

2 REPLIES 2

sdagley
Honored Contributor II

@rharms The only port you want exposed to the outside world for your DMZ DP is 443 if you have HTTPS enabled on it (most orgs won't even consider exposing 137-139 and 445)

dmw3
Contributor III

@rharms Did you find a resolution to this?