Video Screencast Help

Firewall SEP: Application ports open, not working? Last rule blocking?

Created: 07 Mar 2013 | 7 comments
haroldvm89's picture

Hello everyone?

I'm having problems with one application passing through a SEP firewall.

The application requires the following port to be open:

 

Port Multiplexer - 4728 (TCP)
CA Connection Broker Service (CSAMPMUX) - 7163 (TCP) CAM - 4104 (UDP), 4105 (TCP) NOS-LESS File Transfer, DTS File Transfer - 4728 (TCP) Infrastructure Deployment - puerto 7 (TCP), puerto 135 (TCP) y File sharing port - 445 (TCP & UDP).

However, the application does not seem to work. :(

 

I check the firewall many times, and all ports seem to be correct and open

I wonder if the last rule of the firewall (Block all access) is the one not allowing me to pass through these ports

 

Any ideas?

Thanks in advance

Comments 7 CommentsJump to latest comment

.Brian's picture

Can you post the Traffic log here for review? Try the app and than check the Traffic log to see if you can correlate it.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

.Brian's picture

You can see on both but if you can get it from affected client that may be easiest

Open SEP GUI >> View Logs >> next to Network Threat Protection select View Logs and Select Traffic log

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

haroldvm89's picture

Thanks for the soon reply.

In which part of SEPM i can see the logs of the SEP clients??? I really appreciate your help!

 

:)

SebastianZ's picture

It is easier to check directly on the affected client. But if you want to check from SEPM - go to Monitors -> Logs and then you can filter for Network Threat Protection events.

haroldvm89's picture

Thanks for the reply!!! For me, its easier to check on the SEPM console, because i dont have the availability to check the SEP client log.

.Brian's picture

You should be able to post a log here for review.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.