Hi,

I have configured a Firewall policy for a Group for blocking al Websites and that is not applying on the clients in the group.

i have some other firewall policuy for different groups.how do i check which policy is applied to this group when i check the Client properties the Firewall wall policy number is the same as which i created for this group.how do i make the policy work.

Firewall polict created as

Hello,

Please have a look with these threads..

How To Block Internet address via Sep Manager Firewall Rule

https://www-secure.symantec.com/connect/articles/how-block-internet-address-sep-manager-firewall-rule

https://www-secure.symantec.com/connect/forums/how-check-sepm-console-policy-number-without-logging

https://www-secure.symantec.com/connect/forums/how-do-you-assign-policy-group

On the client, go to Help >> Troubleshooting and look at the Policy Serial Number

On the SEPM go to the Clients page, select the group the non-working client is in and go to the Details tab, look at the policy serial number.

Make sure they match and that the client is checking in to the SEPM.

Hi,

kindly find the attaced Policy number and the policy created.

So it looks like you're trying to block all web browsing? This is just a screenshot so it's hard to see what you want to accomplish.

Hi Brian,

I am trying to block all website for a particular group.

Do you use a proxy server by chance?

Sorrry for the delay response.

We dont have any proxys in our site.

We have Firewall and which we allow Internet browsing for all users.I want to block the same for a Particular Group through SEP.

The rule you're using looks ok from what I can see. Is nothing working at all?

All the websites are working and even the log is also not getting any of the report for the rule number (Block rule).

Kindly suggest me the other possible ways to test why the rule is not working.

Are you sure the firewall component is even installed?

You could enable extended TSE debugging:

https://support.symantec.com/en_US/article.TECH102412.html#TSE

Hi,

Verify the policy number. Refer the below screenshot.

If policy number is correct & it's still not working means rule is not configured correctly.

Let us know if need any help to configure firewall rule.

Every thing appear to be the same both on the Client and the server side policy.but still it is not working.

Hi Brian,

How do i monitor the debug after enabling on the client can you share some screenshots or video on how to monitor after extended TSE debugging enabled

regards

USK

There could be three possibilities, either policy is not configured correctly or policy itself is corrputed or traffic is going via Proxy firewall.

Make sure following steps are followed to block all web sites:

1. In the Symantec Endpoint Protection Manager (SEPM) console, under the Clients view, select the Group where you want to apply this policy.
2. Select Policies tab on right side.
3. Double-click the Firewall policy and select to Edit Shared when prompted.
4. In the Firewall Policy window select Rules.
5. Click the Add Blank Rule button. A blank rule is added to the list.
6. Change the name of new rule to (for example) "Block All Websites", then select the appropriate Severity.
7. Double-click in the Application cell to invoke the Application List dialog box.
8. Click the Add button and enter iexplore.exe (or firefox.exe) to block Internet Explorer (or Firefox) traffic to any website.
9. Click OK twice to return to the Firewall Policy window.
10. Double-click in the Host cell to invoke the Host List dialog box. Ensure that Source/Destination is enabled and click Add to enter the source and IP address or IP range of the computers to be blocked .
11. Under Destination click Add and select DNS Domain from the Type drop-down list.
12. Enter an asterisk (*).
13. Click OK twice again to return to the Firewall Policy window.
14. Leave Service at Any and select an Action of Block.
15. You may also enable logging by selecting Write to Traffic log at Logging column.

Contact support so someone can get on your machine and look into this.