Unmarking the Enable denial of service detection" option in Intrusion Prevention Policy Settings will resolve this issue. But it is a work around not the solution.
The job of Automatically block an attacker's IP address is to Block all the communication from a source host for the specified number of seconds when the client detects an attack. For example, if the client detects a denial-of-service attack, the client blocks all traffic from the originating IP address. This feature is also called active response.This option is enabled by default in the SEPM
What you can do is Exclude the False Positive in the Intrusion prevention rule
Title: 'How to add an exception for Intrusion Prevention Policy to allow a specific ID through Symantec Endpoint Protection Manager'
Document ID: 2009110213020648
> Web URL:
http://service1.symantec.com/support/ent-security.nsf/docid/2009110213020648?Open&seg=ent