In our environment we have two domains; Internal and DMZ. DMZ site has its own DP and for the internal we use same server as SCCM for DP. Recently we've created a new VLAN in our internal domain and added several systems to this new VLAN. Everything seems to work fine except that when we look at the firewall logs, we can see that all the systems connected to this new VLAN are hitting DMZ DP. In boundaries, I have tried to create a new boundry and assign the new VLAN IP range to my internal network, but this has not helped. Any other suggestions?

Check the locationservices.log on the client and see which DP they are using. Do you have the DP and the MP on the same server?Kent Agerlund | My blogs: blog.coretech.dk/kea and SCUG.dk/ | Twitter: @Agerlund | Linkedin: Kent Agerlund

Check the locationservices.log on the client and see which DP they are using. Do you have the DP and the MP on the same server?Kent Agerlund | My blogs: blog.coretech.dk/kea and SCUG.dk/ | Twitter: @Agerlund | Linkedin: Kent Agerlund

I can see that locationservices.log only has Internal SCCM server's name (which is what it is supposed to be). No sign of DMZ DP name. Internal server is the main SCCM server and it has DP and MP. Thanks.

I can see that locationservices.log only has Internal SCCM server's name (which is what it is supposed to be). No sign of DMZ DP name. Internal server is the main SCCM server and it has DP and MP. Thanks.

Just found a log file FSPStateMessage.log which contains error: Failed in WinHttpSendRequest API, ErrorCode = 0x2ee2 [CCMHTTP] HTTP ERROR: URL=HTTP://DMZSERVER/SMS_FSP/.sms_fsp, Port=8630, Protocol=http, SSLOptions=0, Code=12002, Text=ERROR_WINHTTP_TIMEOUT

Just found a log file FSPStateMessage.log which contains error: Failed in WinHttpSendRequest API, ErrorCode = 0x2ee2 [CCMHTTP] HTTP ERROR: URL=HTTP://DMZSERVER/SMS_FSP/.sms_fsp, Port=8630, Protocol=http, SSLOptions=0, Code=12002, Text=ERROR_WINHTTP_TIMEOUT

Little more information: It looks like some clients are attempting to connect to wrong Fallback Status Point in DMZ. Hence why I am getting these hits on the firewall. Any idea on how I can fix this?

Little more information: It looks like some clients are attempting to connect to wrong Fallback Status Point in DMZ. Hence why I am getting these hits on the firewall. Any idea on how I can fix this?

Do you have MP and FSP in DMZ ? Do clients report to MP in internal network or in DMZ ?

Do you have MP and FSP in DMZ ? Do clients report to MP in internal network or in DMZ ?

We have no MP in DMZ. Did have FSP and I have now removed it and it seems to be improving.