When I have users that are traveling or working from home and I deploy a policy update, I'm finding that their systems are not receiving Group Policy changes until they return to the office. The strange part is that it is only Group Policy that isn't working, Remote Management and DLU do update over the Internet.

What I am seeing is my Group Policies show up with Failed under Effective status, where the other policies show Success. When I look at my log file, I keep seeing an entry that indicates that the Zenworks Server could not be located, but I am showing that I'm authenticated to the server on both the server and workstation logs.

I have my ZCM server configured with DNS with both internal and external entries, and the server properties do recognize the correct address when it is on and off my network. From the Control Center, when the laptop is off of the network the outside IP address is detected under the system details, so there is communication taking place, but it appears that something is still being blocked.

I did open most of the ports required for ZCM in my firewall from what was in the documentation, at one point I had all of the ports open but scaled back because they weren't resolving my issue, but in my firewall I do see attempted communications over random blocks of ports between the internal and external IP addresses. Because of the randomness and vague identification as TCP packets I can't very easily open those ports on the Firewall.

Does anyone have any advice for how to get Group Policy to update correctly over the Internet for my remote user's systems? Thanks!