Make the following changes if the Configuration server on full-stream Satellite server does not communicate to the HPCA agent on the default port, 3464.
TCP_PORT
parameter in the edmprof.dat file located at <InstallDir>\ConfigurationServer\bin. For example, TCP_PORT=3909
AllowCONNECT
parameter in the httpd.conf file located at <InstallDir>\ApacheServer\conf to the same port as TCP_PORT. For example, AllowCONNECT 3909
You must enable SSL on the full-service Satellite server that will serve as an access point for devices from outside the corporate network.
You must expose an HPCA full-service Satellite server to the public Internet in a network DMZ. This subjects the Satellite server to a greater risk of attack than in a traditional corporate environment or VPN. To avoid such risks, only the following ports should be open on the full-service Satellite server.
In addition, to restrict the risk of attack, the HPCA services offered by the full-stream Satellite server should be limited to those required by Internet-facing clients. For example, if OS Management is only used on the local or corporate network, the full-service Satellite server in a network DMZ should not have OS Management enabled.