Skip to main content
Question

SCEP Proxy in a DMZ Clustered Environment

  • February 12, 2018
  • 1 reply
  • 0 views

Forum|alt.badge.img+12

Hello all,

I'll be standing up a second JSS in the DMZ (Computer Access Only) soon while simultaneously enabling SCEP proxy services for enrollment and configuration profiles. I'd like to understand how SCEP traffic would function in such a configuration.

For example, if a Mac on the internet enrolls via DEP, will our DMZ JSS need to be able to reach our internal SCEP server? Or will this request route to our internal JSS and on to the SCEP server?

1 reply

Forum|alt.badge.img+8
  • Contributor
  • 118 replies
  • February 13, 2018

I think just the internal master JSS needs access as that's what initiates the request back to the CA or NDES server and then sorts the policies/configs to push via the DMZ box.


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings