When Symantec Endpoint Protection's firewall is enabled, a VMware or MokaFive virtual machine with the network in bridged mode cannot acquire an IP address via DHCP while connected via wireless

Article:TECH206168  |  Created: 2013-05-13  |  Updated: 2013-05-23  |  Article URL http://www.symantec.com/docs/TECH206168
Article Type
Technical Solution


Issue



When Symantec Endpoint Protection (SEP) version 11 or 12.1's firewall is installed and enabled on the host computer, a VMware Player, VMware Workstation, or MokaFive guest virtual machine whose virtual network interface card (NIC) is in bridged mode cannot acquire an IP address when the machine is connected to the network using a wireless access point. When ipconfig /renew is run from the command line, the following error is returned: An error occurred while renewing interface Local Area Connection : The DHCP client has obtained an IP address that is already in use on the network. The local interface will be disabled until the DHCP client can obtain a new address.

The issue does not occur if the NIC's mode is changed from bridged to NAT, if the SEP firewall is disabled or uninstalled from the host computer, or if the computer is connected to the network physically via ethernet.

Adding an Allow All rule to the SEP firewall does not resolve this issue.

 


Environment



This issue occurs on Windows 7.


Cause



Symantec has worked with VMWare and MokaFive and has determined that this is not an issue with the Symantec firewall.


Solution



Symantec has worked with VMWare and MokaFive and has determined that this is not an issue with the Symantec firewall. This issue may be worked around by making one of the following changes:

  1. Switching the guest virtual machine's NIC from bridged to NAT mode
  2. Connecting the host computer to the network via ethernet rather than wireless
  3. Disabling the gratuitous ARP broadcasts which occur after acquisition of an IP address from a DHCP server by the guest virtual machine. See Microsoft knowledgebase articles 219374 How to Disable the Gratuitous ARP Function and 199773 Behavior of Gratuitous ARP in Windows NT 4.0.

 


Supplemental Materials

SourceETrack
Value3152259


Article URL http://www.symantec.com/docs/TECH206168


Terms of use for this information are found in Legal Notices