so i started my inital ePO and ran into issues and called into support today. after the technician assisted i asked about the ports and items listed in the agent handler white paper. turns out that if clients do not have inbound 8081 enabled (and since 99% of users sit behind a firewall) there is going to be some issues with being able to completely manage remote clients. the 8081 data channel handles token info and user updates.
anyone with experience abel to chime in on what we can expect (or not expect) when managing remote clients with a agent handler in the DMZ? that would be remote clients that only talk to the DMZ handler? ideally id make it so the ePO server is completely unnaccessable and everything flows through the DMZ handler. at the initial point of install/config i would do it in my own network and have a firewall rule to talk internally to that DMZ machine (so more like a VLAN in that sense i guess)
i also saw that eepc v7 may fix this data channel issue.