What is the best practise for managing laptops that are not always on the LAN?
Right now I have Group Policy configured to point all nodes to Patch Manager.
Is it possible to point to a WSUS server (which happens to be the PM server) as well as the Internet for updates?
I see there is an option to create an alternate server location but I am not sure if this means a LAN based one.
I have opened a ticket but the suggestion is to have a different Group Policy pointing to native internet for these laptops?
Any suggestions?
Just an update from my earlier post.
Looks like the best option would be to present the Internal WSUS server (on server 2016) to the internet.
Has anyone done this and is it really a simple case of FQDN on port 8530?
Really want to avoid the hassle of installing a SSL cert so would http://FQDN:8530 be possible?