When SMA (Symantec Management Agent) starts in CEM (Cloud-enabled Management) mode, the Client Task Agent registers to its internet facing Task Server (CEM TS).

Then when you changed WiFi connection from CEM (External WIFI) over to Local WIFI then Task Server (TS) registration stays with the Task Server configured for CEM rather then changing over to Local TS causing unnecessary traffic in your environment.

Side-note:
The same thing happens when end-users sleep/hibernate the laptop at home and then move over to office.

Steps to re-produce:

1. Connect machine via CEM mode
2. Launch SMA. observe CEM connection active in SMA.
3. Change network connection over to local. Observe SMA CEM connection inactive, confirm with simple package download.
4. Check TS registration still connected to CEM TS until reset agent is performed.

ITMS 8.7.1, 8.7.2

By design

There is no such functionality now.

When you use SMA UI to reset Client Task Agent (CTA) then it always requests the list of TS servers from SMP Server.

When physical connection is established but the old connection is still intact/valid, then CTA will not re-register and will not change TS.

When one physical connection is broken and the new connection is established, then CTA will try to re-register on the previously used TS first. If the previously used TS connection fails, it will then request the list of TS servers from NS and may end up registering on another TS.

The behavior as designed helps to reduce the number of connections to SMP/TS and re-registration attempts, which are quite costly. We cannot re-register on every network adapter change.

Recommendation:

Configure the network so machines on the LAN cannot access the Internet Gateway. The gateway is supposed to be facing outside but should not be routable inside the firewall.

For ITMS 8.7.3 and above, refer to the following article:
Symantec Management Agent stays on CEM connection 'active' after switching to internal network