How to configure Symantec Endpoint Protection 12.1 for use with Microsoft's DirectAccess

Article:HOWTO55829  |  Created: 2011-06-30  |  Updated: 2013-09-12  |  Article URL http://www.symantec.com/docs/HOWTO55829
Article Type
How To

Product(s)


To allow DirectAccess (DA) to function properly, please ensure that Symantec Endpoint Protection 12.1 RU2 MP1 or above is in use and enable the Windows Firewall through the SEP firewall policy using these steps:

  1. Log on to the Endpoint Protection Manager (SEPM).
  2. Click Policies.
  3. Click Firewall then click Edit Policy.
  4. Click Windows Integration.
  5. Select either Restore if Disabled or No Action from the Disable Windows firewall drop down menu.

If the option “No Action” is chosen, the MS FW will have to be enabled in alternate way (if it is disabled).

DirectAccess should now function as expected.

Note: In SEP 12.1, open SEPM console -> Policies -> Firewall -> Change the SEP firewall rules for IPv6 traffic to from "Block" to "Allow".

Example:

  1. Log on to the Endpoint Protection Manager (SEPM).
  2. Click Policies.
  3. Click Firewall then click Edit Policy.
  4. Click Rules.
  5. Select Add Rule...
  6. Enter a rule name
  7. Click Next
  8. Select Allow connections
  9. Click Next
  10. Select All Applications
  11. Click Next
  12. Select Any computer or site
  13. Click Next
  14. Select Only the communications selected below:
  15. Click Add...
  16. Set the Protocol to Ethernet
  17. Enter in the desired ethernet protocols described above
  18. Ensure each newly added ethernet protocol is checked
  19. Click Next
  20. Choose your desired log setting
  21. Click Finish
  22. Click OK

 




Article URL http://www.symantec.com/docs/HOWTO55829


Terms of use for this information are found in Legal Notices