I have an ePO server and an Agent Handler (dmz), we have configured the client to use the epo server and then the DMZ one. If i leave my office, then the agent will try to connect to the agent handler in the DMZ when it fails to connect to the main epo server.
I have noticed that when i get back to my office, the client seems to keep its association to the DMZ AH because we have HTTP/HTTPS allowed to that zone. However, since we don't allow TCP 8081 from the DMZ to our internal zone, the epo is then unabled to wake up or run deployment task for that system.
So the behavior seems to be that once the agent fails to connect to first AH in the list (ePO server in our case), it will connect to the second one (dmz). The problem is that for lots of systems, it seems like they never go back to the primary AH (epo) which is causing some issues for deployment. Is there a way to force a system to use the ePO server as its primary AH?
Our Agent Handler configuration uses Agent Handler Assignment Rules for the Laptop OU which uses a specific list of AH with the following priority:
I tried to do a wake up with the option to use a "specific agent handler". It does connect to the endpoint with the AH that I selected but the endpoint keeps its association to the AH in the DMZ.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.