Symantec Endpoint Protection blocking IPv6 communication with allow application rule

Article:TECH169685  |  Created: 2011-09-15  |  Updated: 2014-06-04  |  Article URL http://www.symantec.com/docs/TECH169685
Article Type
Technical Solution


Issue



  • A Symantec Endpoint Protection (SEP) firewall rule is set to allow a specific remote agent application to communicate with an application server.
  • Application server specific IP address is set and allowed in the rule.
  • SEP client is blocking the IPv6 communication

Cause



Symantec Endpoint Protection 12.1.671.4971 (RTM) IPv6 support still has some limitations.  The firewall rule does not allow the user to specify the IPv6 address.  Must use ‘All hosts’ for the ‘Hosts’ column.  The 'All hosts' option means all IPv4 and IPv6 addresses.

 


Solution



  • Set the rule to open the application's ports, instead of specific server address, with 'All hosts' allowed.

Or

  • Disable IPv6 on the application server to force IPv4 communication with the agents.




Article URL http://www.symantec.com/docs/TECH169685


Terms of use for this information are found in Legal Notices