Hello , Mark O´Hara Here we are discussed what is you problem and its solution it simple and lengthy , To screen devices from another association with Zabbix using a Zabbix middle person, you truly need to spread out correspondence between the Zabbix mediator and the Zabbix server, which are on different associations. Here are the means you can follow to achieve this:

VPN Setup (Recommended): The most secure and recommended approach is to set up a VPN (Virtual Private Network) between the network where the Zabbix proxy is located and the network where the Zabbix server is located. This will create a secure tunnel for communication between the two networks, allowing the Zabbix proxy to reach the Zabbix server and vice versa. Make sure the necessary ports for Zabbix communication (e.g., 10050, 10051) are allowed through the VPN.

Firewall Rules and Port Forwarding: If setting up a VPN is not feasible, you can configure the firewalls on both networks to allow traffic on the necessary ports (10050 and 10051) between the Zabbix server and the Zabbix proxy. Additionally, you may need to set up port forwarding on the routers or firewalls to direct traffic from the external IP address of the Zabbix proxy to the internal IP address of the Zabbix server and vice versa.

Static Public IP (Optional): If you want to access the Zabbix server from the internet or across different networks, you can consider giving the Zabbix server a static public IP address. This will make it accessible from the Zabbix proxy and other networks without the need for VPN or port forwarding. However, keep in mind that exposing the Zabbix server directly to the internet may pose security risks, so ensure it is properly protected with firewall rules and other security measures.

Check Zabbix Proxy Configuration: Double-check the Zabbix proxy configuration file (zabbix_proxy.conf) to ensure that it is set up correctly with the correct IP address and port for communication with the Zabbix server. Make sure there are no typos or errors in the configuration.

Test Connectivity: After setting up the VPN, firewall rules, or port forwarding, test the connectivity between the Zabbix proxy and the Zabbix server using tools like telnet or ping to verify if the necessary ports are open and reachable.​

Remember that when setting up communication between devices on different networks, security is a critical consideration. Always follow best practices for network security, and consider consulting with IT professionals or network administrators to ensure a secure and well-configured setup.

If you encounter specific issues or errors during the setup, refer to the Zabbix documentation, forums, or seek support from the Zabbix community for further assistance.​

Mark O´Hara There's no need for vpn between server and proxy as long as you have traffic routed properly and every firewall within route, including ones within hosts, allows zabbix traffic, you can have vpn for extra security. If you have closed network, as it looks based on used addresses, then there's no need for public ip.