Distribution Server in DMZ again

Distribution Server in DMZ again

Hello

Checked Documentation and didn't find answer for our solution.
Please could anyone guide firewall/DC/DS/Agent settings.

We have DeskCentral server located in CorporateNetwork, many DistributionServer located in different offices (within CorpNetwork)
We have many laptop users working at home/Public

One more DC installed at AWS (as DMZ) with Firewalls rules (described in Documentation about DMZ)

Solution is not working. Agent can't communicate with DC. Troubleshooter shows DC and Notification server not accesible but DS accessible.

So,questions:
1. DS in DMZ - What should be in " Domain NetBios Name", " Computer Name", " IP Address", " FQDN/DNS Name" ?

2. Should we open (publish to Internet) DC server or Agents should communicate only with DC in DMZ ?

3. Test machine moved from "DMZ" remote office DC to Internal DC when got connected to LAN in office. Should (how) it be moved back if connected from Internet again?

Best regards,
Dmitry
              New to ADManager Plus?

                New to ADSelfService Plus?