I have to demonstrate BES in which BigFix agent would be a roaming internet users with diffrent static public IP all the time…I wand all the roaming agents to be uptodate and synchronize with my BigFix server which is in my network…Customer is ready to provide a static IP to communicate between BigFix Server-agent and vice-versa…I believe this is possible with BigFix…Can any one send me the procedure about what configuration is required to achieve the above demonstration…
Yes, you can get the BigFix Agents on the Internet to report to your main BigFix Server if you make a Relay available to the Internet. Take a look at this picture (pay attention to the “DMZ” section on the right side of the picture):
Open the internal DMZ firewall to allow TCP traffic on BigFix port (default 52311) from the BigFix Relay to the BigFix Server (or parent relay). Enabling TCP communication the other way (from server to relay) is helpful for faster agent reponse times, but not strictly required.
Open the outside DMZ firewall to allow inbound TCP traffic on the BigFix port.
Create an IP or DNS alias that lets Internet devices reach the BigFix relay.
Use the “Relay Name Override” task in the BES Support Fixlet site to name the relay to the IP or DNS name.
Now you can manually point Internet computers to the BigFix Relay or if ICMP is allowed from the Internet to the BigFix Relay, you can use autoselection and the agents will automatically find the BigFix Relay.
After you do this, you manage your computers on the Internet roughly the same way you manage your computers in other offices.