Moved to product-specific forum for quicker response.
McAfee Volunteer Moderator - Business Products
I don't believe ePO is really meant to exist the way you're trying to use it. Having two networks that can't talk to each other and then creating a server that bridges those two networks in essence defeats the purpose of them not talking to each other. The way you would do this in ePO would be to have a separate ePO per network, or to have an upstream ePO that then populates a Super Agent on each network, or to put an Agent Handler downstream on each network.
However, there is a way to kind of trick it to work how you want. You have to set the DNS in each zone for the exact same name but different IPs. This is how the McAfee Agent works.
- The agent uses either the last known IP address, DNS name, or NetBIOS name of the ePO server. If you change any one of these, ensure that the agents have a way to locate the server. The easiest way to do this is to retain the existing DNS record and change it to point to the new IP address of the ePO server. After the agent is able to successfully connect to the ePO server, it downloads an updated SiteList.xml with the current information.
So in the DNS for 192.168.1.0 you set UPDATE=192.168.1.10 and then on the DNS for 172.17.1.0 set UPDATE=172.17.1.10. It will try to call the IP, but then when that fails it will look it up in the DNS for the zone and find the correct IP it can talk to. If you can't set up the DNS per zone, then you can edit the local HOST file and set UPDATE=correct IP so it then resolves it.
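A way to check the per-zone name setup described above before relying on it, as an added example that is not part of the original thread. The /24 prefix lengths, the function names, and the sample hosts-file text are assumptions; the check treats a hosts-file entry as overriding the DNS answer, which is the usual default resolver order.

```python
import ipaddress

# Addresses come from the reply above; the /24 prefix length is an assumption.
ZONES = {
    "192.168.1.0/24": "192.168.1.10",
    "172.17.1.0/24": "172.17.1.10",
}

def parse_hosts(text):
    """Return {lowercased name: ip} from hosts-file text; the first entry wins."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # malformed line, skip it
        for name in fields[1:]:
            table.setdefault(name.lower(), ip)
    return table

def check_zone(name, zone_cidr, hosts_text="", dns_answer=None):
    """Classify what a client in zone_cidr gets when it resolves name.

    Returns (verdict, source): verdict is "ok", "wrong-zone",
    "unexpected-ip" or "unresolved"; source is "hosts", "dns" or None.
    """
    zone = ipaddress.ip_network(zone_cidr)
    ip, source = parse_hosts(hosts_text).get(name.lower()), "hosts"
    if ip is None:
        if dns_answer is None:
            return ("unresolved", None)
        ip, source = ipaddress.ip_address(dns_answer), "dns"
    if ip not in zone:
        # The name points at the server address on the other network.
        return ("wrong-zone", source)
    if str(ip) != ZONES.get(zone_cidr):
        return ("unexpected-ip", source)
    return ("ok", source)

if __name__ == "__main__":
    # Constructed case: a stale hosts entry masks the correct per-zone DNS record.
    stale = "192.168.1.10  UPDATE   # copied from the other network\n"
    print(check_zone("UPDATE", "172.17.1.0/24", stale, "172.17.1.10"))
```

A "wrong-zone" verdict with source "hosts" is the case to look for after editing HOST files by hand: the local entry wins and the zone's DNS record is never consulted.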
Perhaps review the NIC binding order - ePO will bind to the first available IP address provided by the operating system.