I'm trying to remote powershell from my domain joined PC to a server in our DMZ but I cannot figure out how to get it working.
The DMZ server has a listener configured for HTTP on the default port 5985 that is enabled. The two NIC's in the machine are both labeled for Public networks so I changed the Windows Remote Management (HTTP-In) firewall rule for the Public profile to accept connections from my IP as well as the Local subnet that was already configured.
On my client machine (Windows 10) I added the server's hostname to the WSMan:\localhost\Client\TrustedHosts and I added the LocalAccountTokenFilterPolicy (Value: 1, Type: DWORD) to the registry.
I create a credential object with my local credentials for the server (servername\username) and then I try
$Sess = New-PSSession -ComputerName DMZCOMPUTER -Port 5985 -Credential $Cred the connection always tries to use Kerberos to connect to the machine which is obviously not going to work.
If I try
$Sess = New-PSSession -ComputerName DMZCOMPUTER -Port 5985 -Credential $Cred -Authentication Basic I get an error that unecrypted traffic is currently disabled. Other Authetication schemes produce different error messages but I've never been able to remote.
Am I missing a configuration somewhere? What are the settings needed (server & client) to use remote powershell connect to a workgroup server from a domain joined client.