We have worked with ZCM11 for years. Since we have two networks which shouldn't communicate with each other (or better, NetA shouldn't reach NetB), we are using two independent ZCM installations.
Now we want to consolidate this and merge them. We want to put a DMZ between those two networks:


After discussing with our firewall admin and our CIO, there is the demand that the firewall between DMZ and b should be as intact as possible (which is a good thing anyway). So one idea is to put a cluster server in the DMZ and one in NetB. Then only those two servers should communicate with each other. The clients should then talk to their corresponding server.
Also, our firewall admin can only give us call IPs for the other net (and more networks to come). So the Zen Server in the DMZ will have a different IP than the IP the clients in NetA know. Is this possible to configure on the server? I think we can deal with that with the zones on the ZCM. But how will the first contact to the server work? The agent will use the DMZ-IP, so the clients won't get the right address of the server. Is there a best practice for using different networks with ZCM? Can you give me some tips for achieving the communication between DMZ-Server and NetB-Server? Is there a communication chart?