Endpoint Protection

 View Only
  • 1.  Firewall Blocking DHCP

    Posted Jan 03, 2009 04:36 AM

    I have just got home from holiday and turned on my server and somehow the clients are not being assigned an IP address. As when i left every thing was going ok. I am running Windows Server 2003 Standard Edition and Symantec Anti Virus Corporate Edtion 10.1. My solution was to open the port in Symantecs Firewall but could find where to do so.

     

    If you know how to fix the problem please help me.

    Thanks,

    Wade



  • 2.  RE: Firewall Blocking DHCP

    Posted May 01, 2009 07:55 AM
    Hi AmphTech

    I'm having exactly the same problem as you at the moment. It's only recently that the problem has occured. Clients are unable to obtain an IP address from one of our DHCP servers. The other seems to be leasing them to clients fine.

    Have you been able to resolve this problem at all yet. I am currently running version 11.0.1000.1375. I have looked up this problem on other sites and have found that the smart traffic filtering automatically allows this traffic. Unless of course there is a rule that denies the traffic but I'm sure symantec wouldnt have created a default rule to do this.

    If you have had any luck please help

    Chris


  • 3.  RE: Firewall Blocking DHCP

    Posted May 01, 2009 08:15 AM
    Hi,

    Check if you have followed the steps mentioned in http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007101417361248.

    ....Barkha



  • 4.  RE: Firewall Blocking DHCP

    Posted May 01, 2009 10:26 AM
    @AmphTech

    SAV doesnt have the inbuilt firewall unless you are also using the SCF.

    If you are, You can use the SCFA to configure the ports. If not, Change the direction of troubleshooting.

    @brannel01

    Other than what Barkha said. You are at a real outdated version of SEP. MR4MP1a is the latest one around. MR4 is the minimum required for migration, So get to MR4 anyway.

    If you have handful of clients, You can start migrating them rightaway to MR4 and then Mr4Mp1a but for a large environment, You should wait for some more time before rolling out MR4Mp1a as MR4Mp2 will be in the air anytime. It's already due as per the stickeys around.


  • 5.  RE: Firewall Blocking DHCP

    Posted May 07, 2009 10:56 AM
    To modify the firewall policy

    In Symantec Endpoint Protection Manager, on the Policies page, under View Policies, click Firewall.
    Find the policy that is associated with the group that contains the DHCP server. Right-click this policy and click Edit.
    Click Rules > Add Blank Rule.
    In the Name column, give the rule a name such as "Allow DHCP server."

    In the Service column, right-click the new rule and select Edit.
    Check DHCP Server, and click OK.
    Move the new rule above any other rules that would otherwise block DHCP server traffic.
    Click OK to apply the policy.


  • 6.  RE: Firewall Blocking DHCP

    Posted Sep 17, 2009 09:31 AM
    Eventually I rang symantec technical who were extremely helpful. Bascially I had created the correct rule in the firewall so that it would allow DHCP traffic to pass through, but the clients weren't updated with the most up to date policy. So all I needed to do was to update each computer with the most recent policy. Obviously I did this through synchronizing SEPM with our domain controller and active directory and updating the OU's. So in the firewall I created the rule to allow DHCP traffic and moved it to the top of the policy list. Great Success!!!!

    Thanks to everyone that replied with responses. All were very helpful :D