I have my JAMF server on my Internal (private) network. The firewall has been setup to use DEP with Apple and everything works like a champ. What I want to do is... put potential clients on my Guest (public) network and have the same functionality I would as if they were on my internal (private) network. What ports and routes need to be made for this to happen? I can get to my JAMF console from my Guest (Public) network but DEP enrollment, RECON, and POLICY will not work on the new clients. Any help on this would be greatly appreciated.
Two things...one, check out the Jamf port knowledge base article if that helps: https://www.jamf.com/jamf-nation/articles/34/network-ports-used-by-jamf-pro
Second if you want policies to run make sure your clients can get your distribution point.
we have an instance of our JSS running in the DMZ with ports open to pass the recon info to the internal DB. We do not allow package/policy traffic through our DMZ due to security risks. That is something to consider with your .org.
