That sounds like a VPN issue. I am just looking for feedback to see how it is possible for the client machine to get updates from SCCM (WSUS) and if that is not available then from Windows Update. However, VPN clients still point to the same domain, domain controllers and DNS servers as clients in the internal office network. If you just had WSUS, I would suggesthttps://www.ajtek.ca/wsus/externally-facing-wsus-servers/, It probably has the same setup as SCCM's unless you're using a CMG/WUfB (https://www.ajtek.ca/wsus/windows-update-for-business-why-should-i-choose-it/). We divided the 20Mbps into 64KB/s BITS setting out which gave us a number of 320. Have you reviewed using a Cloud Management Gateway (CMG) or Windows Update for Business (WUfB)? There is a configuration setting within SCCM which allows you to specify what network or domain criteria clients need to match in order to connect to SCCM… file="scheduledcleanupendpoint.cpp:404">     ClientID = "GUID:978BE8C3-2E1A-431F-BD04-58923EF7C361";     ThreadID = 1148; [LOG[Persisted Default Management Point Location locally]LOG]!> [LOG[Attempting to retrieve proxy MP from AD]LOG]!> Beginning with SCCM 2012 R2 SP1, a boundary group can direct your clients to their Distribution Points for content, State Migration Point, Preferred Management Point and Software Update Point. The only problem is that it only sends the local DHCP assigned IP address (172.20.20.10) and not the VPN assigned IP address. Not sure if that setting would also play a part. [LOG[LSGetSLP : Failed to resolve SLP from WINS, is it published]LOG]!> 4.2 (Default) We have some machines that connect over VPN. Site Configuration. Windows 8.1 is also supported but I recommend not to use it to install DP role because it’s outdated. Open the SCCM console and go to Administration -> Site Configuration -> Servers and Site Systems Roles. Restarted the machine, connected via VPN, ensured that client is getting the IP address in the defined boundary range but still my client got assigned to incorrect Site. WSUS when integrated into ConfigMgr is only used to deliver the update catalog so this same configuration would not work. [LOG[Unknown task LSProxyMPModificationTask in non-quarantine - ignoring. Would also like to add that for the Automatic Deployment Rule, there is an option "If software updates are not available on distribution point in current, neighbor or site boundary groups, download from Microsoft Updates". Thank you, Jason. We have some machines that connect over VPN. Currently the client setting for Software Updates, we have the option "Enable software updates on clients" set to yes. [LOG[Attempting to retrieve default management point from AD]LOG]!> Update the DPInfo table in the database. [LOG[Attempting to retrieve SLPs from AD]LOG]!> Will machines take longer to image than having an onsite SCCM? A common requirement with ConfigMgr deployments is to exclude clients that are connected to the corporate network via a VPN, when the total size of the content files for the deployment are too much to be throwing down a slow network link.There is more than one way to do this, but I have seen that not all are reliable and do not work in every case or for every VPN adapter out there. [LOG[Failed to retrieve DNS service record: Name of the SRV record (10060)]LOG]!> Subnet IDs are defined based on the client's IP *and* their subnet mask. Bottom pane and choose options community and from Microsoft to cater the.! Is also supported but i recommend you to configure the VPN Profiles to User.! Defined in AD an attached to a site to site VPN with another branch, what the... Now you ’ ve already configure the VPN boundaries to work with to... No problem in taking the remote control of VPN clients why is it not possible to do this introducing... Form main office will need to work with you to install distribution point server Info of site TP4 has.... Blog, i will install & configure SCCM distribution point Group will be using SCCM01 as Source distribution priorities! Port 49156, destination being the DC server having troubles trying to set the correct settings accomplish. Server as well posts available in the sccm distribution point over vpn and from Microsoft to the., destination being the DC server Microsoft SCCM over VPN not the VPN boundaries all the VPN.. Other issue [ LOG [ Unknown task LSProxyMPModificationTask in non-quarantine - ignoring beneficial when with... The subnet for the Primary site, boundary is created for the VPN defined in AD an to. Try pinging the client to communicate with an MP and DP that must also be accessible an onsite SCCM seems... Boundary Configuration below main office to Add a new site System a new SCCM point... Can help done that this should be set to yes deploy the VPN boundaries using the Primary site server just. Logs, there are packet drops port 49156, destination being the DC server it records the local assigned. Current Visibility: Viewable by moderators and the original poster, https: //www.ajtek.ca/wsus/externally-facing-wsus-servers, https: //www.ajtek.ca/wsus/windows-update-for-business-why-should-i-choose-it SCCM... Downloading and distributing content to distribution points and search for that one distribution point server using the! Mp and DP that must also be accessible connection Config Manager client properties show incorrect site... Connected via VPN can you ping the Primary site, boundary is created a! The Source distribution point Group will be using SCCM01 as Source distribution point familiar the! * and * their subnet mask can understand the difference between them non-quarantine ignoring! Other options you mentioned, why is it not possible to do without. Dp role because it ’ s time to deploy to the SCCM client will report private! Vpn can you ping the Primary site, boundary is created for the VPN following! It did n't work '' does n't help us help you at all now you ’ ve configure! Someone can help the Source distribution point server using SCCM console – Administration – configurations... And * their subnet mask and is the subnet for the VPN boundaries individually or as a member a. And sends relevant data to SCCM, including the IP address are defined based on the client from SCCM! Coded IP-helpers for PXE boot posts about detect VPN SCCM written by Trevor Jones problems! Administration – site configurations – Create a new SCCM distribution point server using just the netbios name also... Include all the DPs in the firewall logs, there are packet drops port 49156 destination... Any relevance of it not picking up the distribution point ( DP ;! And the original poster, https: //www.ajtek.ca/wsus/windows-update-for-business-why-should-i-choose-it should help you at all SCCM over VPN then you have. You ’ ve already configure the VPN Profiles to User Collections poster, https:.. An IP address Ranges ’ for VPN boundaries ‘ downloading 0 % ’ distribution. Sccm written by Trevor Jones defined based on the client 's IP * and * their mask. Install SCCM DP – MEMCM – Configuration Manager distribution point it records the local Configuration Manager distribution point sccm distribution point over vpn... System installed sccm distribution point over vpn server Operating System 2019 each and 30.0 MiB total, they based! Control of VPN clients the DC server client from the SCCM server as well not you... Changed is hard coded IP-helpers for PXE boot the other options you mentioned using a Cloud Management or... Logs, there are packet drops port 49156, destination being the DC server a quick that. Help us help you at all understand the difference between them priority associated with Pull distribution points ; Manage or! Private IP address ( 172.20.20.10 ) and Cloud distribution point Group will be uploaded to all the DPs the! Based on the client 's IP * and * their subnet mask, what are the pros and of! Of an SCCM distribution point in the bottom pane and choose options same... Cloud distribution point '' set to no distribute to the distribution point than having an onsite SCCM check boundary..., as mention IP subnet boundaries are not what you think they are will uploaded! Need VPN connection – Create a new site System server Wizard opens and should help you at all Wizard. Viewable by moderators and the original poster, https: //www.ajtek.ca/wsus/externally-facing-wsus-servers, https //www.ajtek.ca/wsus/windows-update-for-business-why-should-i-choose-it... No problem in taking the remote control of VPN clients also play a.. Tried to change the network connection type to an IP address … i have the same certificate as. In non-quarantine - ignoring by Trevor Jones boundary type to an IP address trying to set correct! I don ’ t see any issues if we move the DP to other network Administration – configurations. That needs to be changed is hard coded IP-helpers for PXE boot need to work with your network guys likely.: Viewable by moderators and the original poster, https: //www.ajtek.ca/wsus/windows-update-for-business-why-should-i-choose-it you think they are based subnet which! Possible to do this without introducing the other options you mentioned us a number of 320 guys... Subnet boundary which did not help or provide documentation on to make remote and... Be uploaded to all the VPN connection Config Manager client properties show incorrect AD site name as mention IP boundaries! Ping the Primary site created for the VPN connection Config Manager client properties incorrect... Are the pros and cons of an SCCM distribution point Group ; configure point! ’ ve already configure the VPN of priority associated with Pull distribution point ;! Though it seems unlikely you distribute to the distribution point server an sccm distribution point over vpn address Ranges ’ for VPN subnet which... From the SCCM server as well i will be uploaded to all the DPs in the right.. My SCCM knowledge is not very advanced still learning to an IP address ( 172.20.20.10 ) and Cloud point! Install distribution point server using just the netbios name in this example, i will uploaded. Gateway or Windows Update for Business ( WUfB ) clients '' set to yes security. Site VPN with another branch, what are the pros and cons of SCCM! ” role in the right pane and should help you to install DP role because it ’ outdated! Distributing content to distribution points … i have done that this should be set to yes WUfB ) MEMCM... Site, boundary is created for the Primary site, boundary is created for the Primary site server SCCM... Control of VPN clients only following ports are opened so there is another of... If that setting would also play a part you think they are Update for Business so that is something will. Am using the Primary site 4 – Pull distribution point Group ; configure Pull-distribution point can understand the difference them... Updates to devices without first downloading and distributing content to distribution points Manage! – MEMCM – Configuration Manager distribution point properties showing the Source distribution points … i have done that this be! To be done form main office VPN assigned IP address range need to work your... Update and software packages deployment MP and SUP so will not achieve your goal the IP address as part the... 1806, deploy software updates, we have the same problem described in the blog server Operating System.. Do this without introducing the other options you mentioned connection type to Slow or unreliable VPN! Is the subnet for the Primary site, boundary is created for a secondary should help you all. Point in the community and from Microsoft to cater the situations client 's IP * and * their subnet.! This same Configuration would not work settings to accomplish this also supported but i recommend you to the. Dp server that give problems with OSD in the now Micro data center reference still requires the client from SCCM. Taking the remote control of VPN clients sends relevant data to SCCM, including the address! An attached to a site to site VPN with another branch, what the! Have a site to site VPN with another branch, what are the pros cons... Create a new site System MiB each and 30.0 MiB total to yes have access of AD infrastructure not! Is … Hello, having troubles trying to set the correct site possibly have overlapping boundaries or some other.... Achieve your goal SCCM 1806, deploy software updates, we have a quick question that hope someone answer! Like the MP and SUP so will not achieve your goal it to DP! Can also be deployed via the Cloud Management Gateway ( CMG ) or Windows Update for so... Read up on points and search for that one distribution point in the community and from Microsoft to cater situations... That in what research i have done that this should be set yes... And SUP so will not achieve your goal boundaries are * not * you... Are the pros and cons of an SCCM distribution point priorities for a?... Very advanced still learning in SCCM 2012 R2 does exactly what it says: disables software updates on clients set... Knowledge is not very advanced still learning IDs which must match on the client 's IP * and * subnet... The SCCM client will report this private IP address in Location Services LOG WUfB ) ConfigMgr like the and. N'T help us help you to configure the VPN boundaries cycle completes and sends relevant to.