I know this has been discussed before - are some of you allowing access to
your JSS from outside your internal network? Whats the best practice
here? Is port 8443 all that's needed to allow a client to check in?
Chad
Question
JSS access from outside
+33Hi Chad,
We have it externally accessible for a couple reasons:
-ability to edit policies, etc. from home
-ability to trigger items on computers at home
-theft tracking (getting the IP’s for warrants)
We only allow 8443 open so only encrypted connections can get through from outside.
John
+16Same as John's set up here. And for the same reasons.
Added Bonus, ability to use the JSS iPhone app when not on WiFi at work!
J
-Dusty-
Dustin Dorey
Technology Support Cluster Specialist
Independent School District 196
Rosemount-Apple Valley-Eagan Public Schools
dustin.dorey at district196.org
651|423|7971
Hi
Same here. I have port 8443 only so I can track the devices and update
them,
Cheers
Carmelo Lopez Portilla
Embl Heidelberg
IT Support
Please consider the enviroment before printing this e-mail.
El 12/01/2010, a las 19:56, John Wetter
Just be sure to scope your policies, that need packages/scripts, to run only within your internal network, otherwise afp/smb and http downloads will fail unless you allow the correct ports (learned from experience and filling an inbox with policy failed messages).
Though I also only allow 8443, and it works great.
Thanks,
Robert
This is a good tip, but what's the best way to accomplish. I can't create
a network segment large enough to encompass our entire network. I have
many smaller segments already created but dont want to have to select all
of those individually. Wish I could create one segment that includes all
of 10.192.0.0/10.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.