Location specific policy not opening rules/ports when switching locations
SEP 11.0.5005.333 running on Win7 SP1 clients
We also have it running on XP SP3 clients and the SEPM is 2008 R2
The issue is with location-specific firewall policies.
Our domain location is based on connectivity to the management servers; once there is no access to either management server, the offline location policy is a copy of the domain-based one, with a few additional restrictions to block remote management tools, DNS resolution of the client, network neighbourhood browsing and sharing.
With an XP client, we can move between the locations and policies without issue.
With a Win7 client it can be started up on the network and gets the correct policy. Unplug the network cable and it correctly switches to the more restrictive offline policy. If you then reconnect to the network, it knows it is online as the location changes, but the more restrictive offline policy settings stay in place (if I try to ping by name, it won't resolve, which is correct for the offline policy, but should resolve and reply when on the domain).
If I then reboot the Win7 PC, it stays with the correct online policy, but the restrictions are now opened up as they should be on the domain.
So the Win7 client needs a reboot when going from the offline to the online policy; otherwise the offline policy restrictions stay in place.
Win7 firewall service is running, but all 3 profiles are disabled.
I'm figuring this out as I go, so any pointers or info would be greatly appreciated.