One of the principal limitations of ZENworks support for devices that are not on the corporate LAN is that server initiated functions do not work: these include Quicktasks such as refresh or install bundle and device presence (ie the green button). These require connectivity on the default 7628 port to the IP of the device; it is the fact that devices are behind NAT on home or other LANs that prevent this working.

A similar issue used to exist for Remote Management in earlier versions of ZENworks, but this is now simply achieved using the Join Proxy service as a sort of "meeting place" that the remote machine can maintain a listening presence for administration requests.

It would add greatly to the function set of ZENworks if a similar methodology were added for port 7628 conversations. This could be an extension to the Join Proxy function, or a separate proxy service. Quicktasks would then be sent to the Proxy connection if there is one, or direct to the workstation IP if not.

Comments

  • What would be good is for all communication for the agent to be over TCP port 443 this is what other vendors solutions are doing for endpoint device management and with more users being mobile and just on "internet" connections becoming harder to control custom ports so feel this would be a more robust solution to guarantee the agent working.