SCCM - Deploying Software Updates and VPN

Question

Hello!

Hopefully someone has the answer to this as I have tried to research for a while and come up empty. I am trying to deploy the 1909 Feature update to some remote clients that utilize VPN. I setup the deployment last Monday to be downloaded from Microsoft Update and installed on Friday at 10pm, so computers had a whole week to check in to the SCCM server. Users were instructed to leave their computer on overnight on Friday to be able to install and update their devices.

Come to Monday morning (today) and I am now finding devices are only just now downloading and deploying the update. Any device that was not on VPN (which is the majority of them) did not update. Does this mean that the computer has to be connected to VPN at the time the deployment is scheduled for, even though I set it to download from Microsoft Update?

Thanks,

Answer 1

Hi @Michael Gilleran ,

Thank you for posting in Microsoft Q&A forum.

For the question, the clients need to contact CM via VPN at 10pm on Friday, otherwise they will not be triggered to download the updates from Microsoft .
So yes, if we want to deploy the updates via VPN, the clients need to be connected to VPN at the time that the deployment is scheduled.

If you don't want to connected to VPN for such a long time, we could set one of the client in the boundary group as a DP, then deploy the update contents to this DP and let the other clients access it to download the contents.

Hope the above information can help you.

---

If the response is helpful, please click "Accept Answer"and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.