Hi Sameer
You have to create a location aware policy in which you have to create a rule in which you have to menshioned the location, for example you can menshioned that if the client are connected with this DNS (for example 192.168.1.1) server consider it in office and if it not than SEP client will consider it self out of office. After adding location, you can configure different policies for different locations. As your SEPM server in DMZ you can also configure one internal IP address for LAN users.Please find the link below how to create a location awaire policy.I hope this will help you.
http://www.symantec.com/business/support/index?page=content&id=TECH97369
Regards,
Kamran