I am still on a trial for the cloud gateway and have a few questions.
I manually installed an exported agent to a laptop. I added my laptops public IP to the firewall allow list. I was able to run brokerconfig.exe and request the client certificate.
How can this be automated?
I don't mind manually installing the agent, but i want it to connect and fetch the client certificate on its own.
Also do I need to add 0.0.0.0 to the firewall for all my public laptops? Is this only necessary for the certificate request? Can i block the administrative page to the public?
In terms of policy and groups, i'm assuming i can create some smart group based on public IPs or hostnames? i havent looked at that yet.
i know it says not to, but has anyone tried to put this behind a netscaler load balancer? This would be my backup if I can't block the admin page natively.