Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Errors in our Firewall logs for UDP port 137 SMP 7.5

Created: 02 Apr 2014 | 2 comments

Hello All,

Our network admin sent me a question on what was trying to attempt to connect on UDP port 137.  We are seeing the servers try to communicate with the clients on this port about every 1 to 2 minutes.  This is filling up our logs.  Has anyone seen this or does anyone know what would cause this?

This is the entry in the firewall logs:

Apr 2 14:51:34 192.168.0.1 %ASA-4-106023: Deny udp src dmz:192.168.6.75/137 dst outside:209.121.225.244/137 by access-group "dmz2in" [0x0, 0x0]

My Environment:

1 Notification server

2 Gateway Server - In DMZ

2 site servers

All of my users are Cloud Enabled and only connect via the cloud.  We do not have any internal connections other than our test machines.  Any help would be greatly appreciated.

Thanks

Operating Systems:

Comments 2 CommentsJump to latest comment

Igor Perevozchikov's picture

Hi,

Please check this link about port 137 in SEP Server https://www-secure.symantec.com/connect/forums/role-port-137-sep-server

Also http://www.symantec.com/docs/HOWTO81103

Thanks,

IP.

  1. Don't forget that, first you can find an answer for your question in Knowledge base
  2. If answer solves your question, then please mark as solution to close a thread
SnappyJY's picture

Hello,

according to the post you linked to, see below.  It appears that this is not used in SEP.  I am using CMS.  In that post they also refer to "Push Deployment".  Is this referring to patch management push or deployment solution push?  All of my clients are Cloud based, our network guys said they wont open that port as it opens up a security risk.  The clients the servers are tyring to connect with are all in the cloud not on our network.

Vikram Kumar-SAV to SEP

There is NO ROLE of SEPM on port 137.Nothing related SEPM.

It is used to discover windows clients, Have you made SEP client on SEPM as Unmanaged detector ?