Question

SCEP Proxy in a DMZ Clustered Environment

7 years ago
February 12, 2018
1 reply
0 views

+12

UESCDurandal
Valued Contributor
77 replies

Hello all,

I'll be standing up a second JSS in the DMZ (Computer Access Only) soon while simultaneously enabling SCEP proxy services for enrollment and configuration profiles. I'd like to understand how SCEP traffic would function in such a configuration.

For example, if a Mac on the internet enrolls via DEP, will our DMZ JSS need to be able to reach our internal SCEP server? Or will this request route to our internal JSS and on to the SCEP server?

al_platt
Contributor
118 replies
7 years ago
February 13, 2018

I think just the internal master JSS needs access as that's what initiates the request back to the CA or NDES server and then sorts the policies/configs to push via the DMZ box.

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Reply

Related topics

Update iOS device missing from managementicon

Self Service 11.2.1 and iOS Device Compliance (Register with Microsoft) prompts missingicon

Apple plans on removing enterprise options for macOS Software Updateicon

Blocking the iOS 9 Updateicon

ENABLE LOST MODE Missing in Management Tab iOS 16.2 onlyicon

Most helpful members this week

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings