Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

Endpoint Protection Manager breaks Network Policy Server in Windows Server 2008

Updated: 21 May 2010 | 3 comments
Smartinet's picture
Smartinet
0 0 Votes
Login to vote
This issue has been solved. See solution.

SEPM will not co-exist with Network Policy Server (i.e. RADIUS, etc) in Windows Server 2008.

Regardless of the ports you select for installation of the management server, it appears to break NPS due to a conflict of ports.

The standard ports for NPS are 1812, 1645 for Authentication and 1813, 1646 for Accounting.

It appears that SEPM uses RADIUS port 1812 which I cannot find anywhere to configure.

Just a word of warning as we have had to move this to a separate server as it 'doesn't play nice' with various other applications and services.

discussion Filed Under:
, , , ,

Comments

Abhishek Pradhan's picture
25
May
2009
0 Votes 0
Login to vote
Abhishek Pradhan

You can change the

You can change the configuration file and specify a different port for the SEPM to use.

Ideally, if you get the eror saying that RADIUS Port is already in use, just click OK and proceed with the installation. I've actually seen this a lot when I used to work with support, and haven't had any issues with the port conflicting.

Additionally, I've also configured a whole lab env. with the NPS role implemented, and the SEPM is co-existing w/o any issues on the same server.

Could you please describe what exactly happened when you installed the SEPM? or were you able to ascertain which component of NPS failed ?

Abhishek Pradhan, PMP, MCT
Consultant | Microsoft Corp.
Blog: http://blog.abhishekpradhan.net | SIG Lead - Pune IT Pro (Microsoft Pune User Group) | http://www.puneusergroup.org

Aniket Amdekar's picture
05
Jun
2009
0 Votes 0
Login to vote
Aniket Amdekar

To check which executable is

To check which executable is working on which port, you can use the command

netstat -ab C:\output.txt and then check the output.txt file in C drive. Search for 1812, you should see an executable name associated with that port.

This wont resolve the issue, but just another step for root cause analysis of the problem.

To solve the problem, change the port the Symantec Endpoint Protection Manager uses.

To change the port
Navigate to C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\.
In a text editor such as Notepad, open the conf.properties file.
Add a line at the bottom that reads:

scm.radius.port=xxxx

where xxxx is the desired port number.
Press Enter to ensure that there is a blank line at the end of the conf.properties file.
Save and close the conf.propert

Hope this helps.

Cheers,
Aniket

SOLUTION
Conrad_Y's picture
19
Apr
2010
0 Votes 0
Login to vote
Conrad_Y

Aniket, thanks for the info

Aniket, thanks for the info here.  What is a good alternative port number to use?  (And do I ust use 'netstat -ab' again to confirm it is not in use anywhere?)

Do I need to restart any SEP services after this 'scm.radius.port=xxxx' line is added?  Or reboot the server?  Any client reconfiguration needed?  Thanks for the clarifications.

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,711