One solution could be to offer to set this in tl-setup when choosing agent.
Also see bug 2561.
One consequence of this is that clients can't reach the agent from outside the LAN.
*** Bug 4228 has been marked as a duplicate of this bug. ***
*** Bug 7975 has been marked as a duplicate of this bug. ***