Endpoint Protection Small Business Edition

  • 1.  How do I allow multicast in a system which firewall only allows members of a host list?

    Posted Aug 21, 2015 02:29 AM

    Tool: Symantec Endpoint Protection Manager 12.1

    I have a network of a few PCs. I want to protect this from alien computers by using a firewall rule that only allows users in a host list. The problem is that the applications the system uses for internal communication utilize multicast, and the firewall rule only specifies source/destination or local/remote combinations.

    Logically, the firewall rule ought to allow my applications, but it does not. I have a debug tool that can send/receive to my applications. This runs on Java, and I had to make a rule that allowed that application in order to make that work. Now my applications are blocked, unless I run the debug tool as well, in which case SEP suddenly allows the applications to communicate freely.

    I also have problems with Remote Desktop being blocked. The other computers vanish from the network list, and ping only works when using the IP address rather than the PC name, which functions fine when SEP is disabled.



  • 2.  RE: How do I allow multicast in a system which firewall only allows members of a host list?
    Best Answer

    Posted Aug 21, 2015 07:09 PM

    Have you checked the traffic log to see what it shows?

    The last rule in the stack is block but does not log; you may need to turn on logging for that rule.



  • 3.  RE: How do I allow multicast in a system which firewall only allows members of a host list?

    Posted Aug 26, 2015 04:56 AM

    Allowing the predefined service "Network Neighborhood Sharing" fixed the Remote Desktop issue.

    A traffic log was indeed very helpful to identify the problems.