![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 53%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Microsoft System Center
A suite of Microsoft systems management products that offer solutions for managing datacenter resources, private clouds, and client devices.
1,062 questions
Hi,
I hope you are doing well.
These internet-based devices connecting to company network using VPN can be consided as internal devices, so that all the client push methods will work well. There is no need to set up CMG/IBCM to install SCCM client for your scenario while VPN is available.
Essentially, the Configuration Manager client has logic that looks at several factors, including being able to resolve a management point and the internal domain, to determine whether or not they are on the Internet.
When these factors are not met, the client will evaluate as IsInternet=1 and will switch to Internet mode and attempts to contact the site via the CMG.
When a client comes to onprime, it is likely that the client will meet enough criteria to consider itself IsInternet=0, then it will switch to Internal mode and contact the on-premises SCCM server.
Hope my answer could help you. Should you have any questions or concerns, please do feel free to contact me.
Best regards,
Simon
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.