1.Is the windows firewall on, on clients and on servers?
2. Is the  issue with ALL clients?
3. Was the  sepm server uninstalled, and then re-installed?
4. Post the sylink.log file from one  of the  clients

Are you facing problem in all clients or in some?
What is the OS of server and clients?
"it belongs to wrong group"--Whether the client is present in this group in SEPM?If yes you can move to correct group...

Thanks for super fast support!
=>
1. Windows firewall was turned off at both side
2. YES
3. YES
4. Where can I get sylink.log from client?
Thanks

1    8/27/2010 3:35:21 AM    Information    12070201    

Windows Version info:

Operating System: Windows XP Professional x64 (5.2.3790 Service Pack 2)

Network  info:

No.0  "Local Area Connection 2"  00-15-17-72-09-a1  "Intel(R) PRO/1000 PT Quad Port LP Server Adapter" 172.25.5.1

    
2    8/27/2010 3:35:21 AM    Information    12070202    Symantec Management Client has been started.    
3    8/27/2010 4:13:29 AM    Error    120B0001    Failed to contact server for more than 10 times.    
4    9/8/2010 9:20:01 AM    Information    1207021A    User is attempting to terminate Symantec Management Client....    
5    9/8/2010 9:20:01 AM    Information    1207021A    Stopping Symantec Management Client....    
6    9/8/2010 9:20:03 AM    Information    12070204    Symantec Management Client is stopped.    
7    9/8/2010 9:20:54 AM    Information    1207020E    Location has been changed to Default.    
8    9/8/2010 9:20:55 AM    Information    1207020E    Location has been changed to Default.    
9    9/8/2010 9:20:55 AM    Information    12070201    

Windows Version info:

Operating System: Windows XP Professional x64 (5.2.3790 Service Pack 2)

Network  info:

No.0  "Local Area Connection 2"  00-15-17-72-09-a1  "Intel(R) PRO/1000 PT Quad Port LP Server Adapter" 172.25.5.1

    
10    9/8/2010 9:20:55 AM    Information    12070202    Symantec Management Client has been started.    
11    9/8/2010 9:21:03 AM    Information    12070301    Connected to Symantec Endpoint Protection Manager (VNDI09055)    
12    9/8/2010 9:21:09 AM    Information    12070304    Disconnected from Symantec Endpoint Protection Manager (VNDI09055)    
13    9/8/2010 9:33:21 AM    Information    1207021A    User is attempting to terminate Symantec Management Client....    
14    9/8/2010 9:33:21 AM    Information    1207021A    Stopping Symantec Management Client....    
15    9/8/2010 9:33:23 AM    Information    12070204    Symantec Management Client is stopped.    
16    9/8/2010 9:33:43 AM    Information    1207020E    Location has been changed to Default.    
17    9/8/2010 9:33:43 AM    Information    1207020E    Location has been changed to Default.    
18    9/8/2010 9:33:43 AM    Information    12070201    

Windows Version info:

Operating System: Windows XP Professional x64 (5.2.3790 Service Pack 2)

Network  info:

No.0  "Local Area Connection 2"  00-15-17-72-09-a1  "Intel(R) PRO/1000 PT Quad Port LP Server Adapter" 172.25.5.1

    
19    9/8/2010 9:33:43 AM    Information    12070202    Symantec Management Client has been started.    
20    9/8/2010 9:33:55 AM    Information    12070301    Connected to Symantec Endpoint Protection Manager (VNDI09055)    
21    9/8/2010 9:34:01 AM    Information    12070304    Disconnected from Symantec Endpoint Protection Manager (VNDI09055)    
22    9/8/2010 9:40:22 AM    Information    1207021A    User is attempting to terminate Symantec Management Client....    
23    9/8/2010 9:40:22 AM    Information    1207021A    Stopping Symantec Management Client....    
24    9/8/2010 9:40:23 AM    Information    12070204    Symantec Management Client is stopped.    
25    9/8/2010 9:40:29 AM    Information    1207020E    Location has been changed to Default.    
26    9/8/2010 9:40:29 AM    Information    1207020E    Location has been changed to Default.    
27    9/8/2010 9:40:29 AM    Information    12070201    

Windows Version info:

Operating System: Windows XP Professional x64 (5.2.3790 Service Pack 2)

Network  info:

No.0  "Local Area Connection 2"  00-15-17-72-09-a1  "Intel(R) PRO/1000 PT Quad Port LP Server Adapter" 172.25.5.1

    
28    9/8/2010 9:40:29 AM    Information    12070202    Symantec Management Client has been started.    
29    9/8/2010 9:40:34 AM    Information    12070301    Connected to Symantec Endpoint Protection Manager (172.25.5.3)    
30    9/8/2010 9:40:40 AM    Information    12070304    Disconnected from Symantec Endpoint Protection Manager (172.25.5.3)    
31    9/8/2010 9:48:01 AM    Information    1207021A    User is attempting to terminate Symantec Management Client....    
32    9/8/2010 9:48:01 AM    Information    1207021A    Stopping Symantec Management Client....    
33    9/8/2010 9:48:02 AM    Information    12070204    Symantec Management Client is stopped.    
34    9/8/2010 9:48:11 AM    Information    1207020E    Location has been changed to Default.    
35    9/8/2010 9:48:12 AM    Information    1207020E    Location has been changed to Default.    
36    9/8/2010 9:48:12 AM    Information    12070201    

Windows Version info:

Operating System: Windows XP Professional x64 (5.2.3790 Service Pack 2)

Network  info:

No.0  "Local Area Connection 2"  00-15-17-72-09-a1  "Intel(R) PRO/1000 PT Quad Port LP Server Adapter" 172.25.5.1

    
37    9/8/2010 9:48:12 AM    Information    12070202    Symantec Management Client has been started.    
38    9/8/2010 9:48:19 AM    Information    12070301    Connected to Symantec Endpoint Protection Manager (172.25.5.3)    
39    9/8/2010 9:48:25 AM    Information    12070304    Disconnected from Symantec Endpoint Protection Manager (172.25.5.3)    
40    9/8/2010 10:38:27 AM    Information    1207021A    User is attempting to terminate Symantec Management Client....    
41    9/8/2010 10:38:27 AM    Information    1207021A    Stopping Symantec Management Client....    
42    9/8/2010 10:38:28 AM    Information    12070204    Symantec Management Client is stopped.    
43    9/8/2010 10:38:34 AM    Information    1207020E    Location has been changed to Default.    
44    9/8/2010 10:38:35 AM    Information    1207020E    Location has been changed to Default.    
45    9/8/2010 10:38:35 AM    Information    12070201    

Windows Version info:

Operating System: Windows XP Professional x64 (5.2.3790 Service Pack 2)

Network  info:

No.0  "Local Area Connection 2"  00-15-17-72-09-a1  "Intel(R) PRO/1000 PT Quad Port LP Server Adapter" 172.25.5.1

    
46    9/8/2010 10:38:35 AM    Information    12070202    Symantec Management Client has been started.    
47    9/8/2010 10:38:46 AM    Information    12070301    Connected to Symantec Endpoint Protection Manager (172.25.5.3)    
48    9/8/2010 10:38:52 AM    Information    12070304    Disconnected from Symantec Endpoint Protection Manager (172.25.5.3)    
49    9/8/2010 10:45:01 AM    Information    1207021A    User is attempting to terminate Symantec Management Client....    
50    9/8/2010 10:45:01 AM    Information    1207021A    Stopping Symantec Management Client....    
51    9/8/2010 10:45:02 AM    Information    12070204    Symantec Management Client is stopped.    
52    9/8/2010 10:45:50 AM    Information    1207020E    Location has been changed to Default.    
53    9/8/2010 10:45:51 AM    Information    1207020E    Location has been changed to Default.    
54    9/8/2010 10:45:51 AM    Information    12070201    

Windows Version info:

Operating System: Windows XP Professional x64 (5.2.3790 Service Pack 2)

Network  info:

No.0  "Local Area Connection 2"  00-15-17-72-09-a1  "Intel(R) PRO/1000 PT Quad Port LP Server Adapter" 172.25.5.1

    
55    9/8/2010 10:45:51 AM    Information    12070202    Symantec Management Client has been started.    
56    9/8/2010 10:45:53 AM    Information    12070301    Connected to Symantec Endpoint Protection Manager (172.25.5.3)    
57    9/8/2010 10:45:59 AM    Information    12070304    Disconnected from Symantec Endpoint Protection Manager (172.25.5.3)    

If your SEPM was reinstalled follow any one of the following procedure to connect all clients Back(If you not having a backup of old server.Do you have backup?)
How to point Symantec Endpoint Protection(SEP) clients to a new Symantec Endpoint Protection Manager after you have either uninstalled, are going to decommission or replace the Existing Primary Symantec Endpoint Protection Manager (SEPM).

Please paste the sylink log from the client

https://www-secure.symantec.com/connect/downloads/sylink-toggle

Thanks for your support so far!
I forgot to restore Certificate. After restored, client now can connect to Server, but I cannot access SEP Manager console.
It displays "Unexpected Error". This happened before, and that's reason why I resinstalled SEP Manager.
After restored certificate, I cannot access to SEP console.
Pls help!

PLease go to IIS manager -> SEPM website 

Right click on reporting and click on Browse.

You should get a login screen. Use the SEPM credentials and login.

let us know if you are able to login

Go to Programs--->Symantec endpoint protection manager--->management server configuration wizard and reconfigure your SEPM....

Run the Management server configuration wizrad

@Maheshroja: appeared error (as attachment)
@ AravindKM: I've tried to reconfigure the server, it worked for a while (about 3 minutes), and error appeared again

Restart IIS and SEPM related services and check

Restart your server and try.If not helps Pls  attach the scm-server-0.log which is present in Program Files \Symantec\Symantec Endpoint Protection Manager\tomcat\logs

@AravindKM:
YES I already tried to restart the server.
Attachment is the log file.

@AravindKM:
YES I already tried to restart the server.
Attachment is the log file.

Refer this 

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/4bd90f7f0f5b95c18825738c00660e10?OpenDocument

Http 403 error is related to permissions

Its looks like IIS issue , Found in the Log "HTTP 403 Access Forbidden,URL: http://localhost:8014" Remove IIS and Login as Local Administrator and Install IIS and Re-install and Check,  If not working then try repair SEPM and see.

Is the SEPM installed on Windows XP?

Ensure that the appropriate rights are configured for IIS.
Verify that the DefaultAppPool identity is set to "Network Service."
Open the IIS Administrator
Expand <server name> > Application Pools
Right-click DefaultAppPool and select Properties
Under Identity, verify the Predefined radio button is selected and that the Network Service is selected in the drop-down list.

Verify user rights.
Click Start> Run.
Type gpedit.msc.
Expand Computer Configuration> Windows Settings> Security Settings> Local Policies.
Select User Rights Assignment.
Double-click on Adjust memory Quotas for a Process and Replace a process-level token and verify that the "NETWORK SERVICE" is listed.
Note: If the "Add User or Group..." option is disabled, it is possible that this policy is locked by a domain GPO (group policy object) which will require an assessment of domain GPOs.
Restart the "IIS Admin" service to update any changes.

Verify Authentication and Access Control.
Open the IIS Administrator
Expand <server name> > Web Sites
Right-click on Default Web Site and select Properties
Select Directory Security.
Under "Authentication and Access Control" select Edit.
Verify that Enable Anonymous Access is checked.
Please check the appropriate setting if you are utilizing Authenticated Access.

Verify Secure Communications is not selected (if SSL is not implemented).
Open the IIS Administrator
Expand <server name> > Web Sites
Right-click on Default Web Site and select Properties
Select Directory Security
Under "Secure Communications", select Edit
Verify that Require Secure Channel (SSL) is not selected.

Error Message: 403.2 Forbidden: Read Access Forbidden

 http://support.microsoft.com/kb/247677

Ensure the appropriate rights are configured for Internet Information Services (IIS). Perform the below verifications:

• 1. Open the IIS Administrator
  2. Expand Server Name
  3. Select Application Pools
  4. Right-click on DefaultAppPool and select Properties
  5. Under the Identity tab verify that the Predefined radio button is selected and that Network Service is selected in the drop down menu.
• 1. Open the IIS Administrator
  2. Right-click on Default Web Site and select Properties
  3. Select the Directory Security Tab
  4. Select Edit under Authentication and Access Control
  5. Verify Enable Anonymous Access is checked
  6. Verify Correct user name and password
  7. Please check the appropriate setting if you are utilizing Authenticated Access.
• 1. Open the IIS Administrator
  2. Expand Server Name
  3. Select Application Pools
  4. Right-click on Default Web Site and select Properties
  5. Select the Directory Security Tab
  6. Select Edit under Secure Communications
  7. Verify Require Secure Channel (SSL) is not selected
• 1. Run gpedit.msc
  2. Select Computer Configuration> Windows Settings> Security Settings> Local Policies
  3. Select User Rights Assignment in the left-hand pane
  4. Double click Adjust memory Quotas for a Process and Replace a process-level token and verify that "NETWORK SERVICE" is listed 
     Note - If the "Add User or Group..." button is disabled, it is possible that this policy is locked by a domain GPO (group policy object) which will require an assessment of domain GPOs.
  5. Restart the IIS Admin service to update any changes.

For More info refer http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007122815441848

You are getting this error , beacuse the SEPM is installed on Windows XP. Using a client OS like Windows 2000 Professional or Windows XP to host the SEPM is only feasible in the smallest of networks (fewer than ten SEP clients).  If at all possible, it is recommended to  install the SEPM on a server OS.

WORK AROUND

Set the connection limit for the Web site to an unlimited number of concurrent connections. To do this, follow these steps:
Click Start, point to All Programs, point to Administrative Tools, and then clickInternet Information Services (IIS) Manager.
ExpandComputerName, and then expand Web Sites.
Right-click the Web site that you want to configure, and then click Properties.
Click the Performance tab.
Under Web site connections, click Unlimited or you can Set the limit value if thats needed for the case.
Click OK,and exit IIS Manager. and Restart the SEPM and IIS service

.

Title: 'Symantec Endpoint Protection Manager is experiencing communication issues on Windows XP or Windows 2000.'
Document ID: 2007102210033448
> Web URL: http://service1.symantec.com/support/ent-security....

Yes you have to go for a server OS in SEPM.100 computer is a more than sufficient reason for a server OS in SEPM...