You can rerun the mgspolicy.exe with the -t machine flag. This will force a policy update. This will also help determine if the issue is network related.
Are you sure the port and url is reachable ?
If you have certificate for theses computers try to setup the reg to disable servercertificate check.
key: CheckCertificateRevocation value: false
key: CheckServerCertificate value: False
You could also check your IIS log on the FNMP to see it the agent has reached it and what was the policy file requested (it must contains the servername).