I've a published ESM server running behind an F5, I'm using both internally and externally URLs for different users (internal users and roaming users). I was just wondering in case anyone knew I'm publishing the ESM Core outside and he figured out somehow the FQDN then he can register normally with my ESM server. Its only a theory but i think its possible.
My question is, do you know any way I can prevent unwanted agents registration to my published ESM core?
I assume the only solution for this at the moment till PA release something is to use internal CA, import the certificate on the Server and use the internal CA root cert on the client. in case of roaming users the root certificate will be added by support team and they can connect normally in that case.
The connection will not work if the PC doesn't have this root certificate.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!