How to create a firewall exception
Created: 04 Dec 2012 | Updated: 17 Dec 2012 | 8 comments
This issue has been solved. See solution.
Our server unit has 2 new Novell servers that were just implemented in our environment. The problem is I cannot see them or access them, but when i turn off the firewall locally on the machine - i can see the servers. How do i set up a firewall exception to alllow the access to the Novell servers. i dont know what questions to ask to get the required info to create the exception.
please help me...
thanks
Discussion Filed Under:
Comments 8 Comments • Jump to latest comment
Check the traffic log on the machine doing the blocking. This will tell you exactly what is being blocked and from here you can start to build the necessary rule(s)
SEP Knowledge Base
Endpoint SWAT
I checked the traffic logs and attached a copy. I still do not know how to set the exception with the info from the traffic log. what am i looking for?
Customizing firewall rules
http://www.symantec.com/business/support/index?pag...
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
agree to above, or you can create a top most rule to allow traffic for the IP.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Hello,
Go the firewall policy and create a new policy and there you can define the exception that you want to create.
If you want to create a firewall rule which affects only this one managed client, you have two options.
I am going to assume you will want option 2 and will provide instructions for that. If you need something different, let me know. I am also going to assume you are using SEP 11.0.x (as opposed to SEP 12.1), since you were not specific.
By default, a managed SEP client will not allow a user to create their own firewall policies from within the SEP client GUI. You will need to change the client interface control settings from within the SEPM to give yourself permission to to modify the client-side firewall rules. Follow these steps:
After you have made this change, you can now modify the client-side firewall rules using the following steps.
I suggest creating an Allow All rule (which, as the name suggests, allows all network traffic in or out of the box) and bumping it to the top of the rule list in order to confirm that this fixes the problem. If an allow all rule does NOT fix the problem, then any more specific rule (i.e., restricted to a certain port, protocol, or application) most certainly won't fix it either. Thus, testing the allow all rules can save you some time in the end.
Reference - Check this Thread:
https://www-secure.symantec.com/connect/forums/firewall-exception-managed-client
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Hello! - Option #2 sounds exactly what I need to do. Can you provide the instructions for version 12.1.1000, I'm sorry I should have been more specific as to the version.
thanks!!
Hi ,
First check the NTP log and then create a new policy for excluding and create the rule,
if you want to apply the policy in your system crrate a new group and and test according to ur exclusion.
for your reference
https://www-secure.symantec.com/connect/forums/firewall-exception-managed-client
Thanks and Regards,
Mohammad zafar
Please Mark as solution if this comment solved your Issue....
Check here:
Adding a new firewall rule
http://www.symantec.com/business/support/index?pag...
SEP Knowledge Base
Endpoint SWAT
Would you like to reply?
Login or Register to post your comment.