I have been trying to upgrade agents to v4.0 which by default uses cfapi over SSL on port 9543. If I install the agent this way on DMZ agents they do not stay connected to Log Insight. If I start the service and monitor connections using netstat I can see that 9543 connection is established for a fleeting moment and then the connection disappears. If I change the liagent config to SSL=no then the agent works fine and stays connected on port 9000. For LAN based agents it all works fine. I've asked our Firewall team to advise and they can't see any problems with the rules or passing traffic. Any suggestions what to look for would be welcome.
Mark