(imported comment written by BenKus)
Hey Joe,
Tyler mispoke… The Relays don’t send UDP to each other. Instead the relays/server have two-way TCP connections with each other, see here for info to hopefully explain everything:
http://support.bigfix.com/bes/misc/networktraffic.html
In order for the send-refresh to work properly with your firewalls, the following must be open:
TCP 52311: Server -> Relay1 -> Relay2
UDP 52311: Relay2 -> Client
In addition, you will need TCP 52311 open from Client -> Relay2 -> Relay1 -> Server, but I expect that is already working otherwise the agent would have never reported.
So perhaps you don’t have two-way TCP enabled between the relays/server and that is the cause of the issue?
Ben