After migrating to SEPM 12.1 (finally) we have everything working except for the firewall.  We did not have a firewall configured with 11.x but need to implement one for 12.1.  I have tried several configs but a few hours after applying one, the DC's both stop serving out filesharing and log on requests.

Here is a copy of the draft config I have been working on; hopefully someone can post a working config they have running already.  I am not sure why communications are being cut off, I am allowing DNS / DHCP; any traffic from the other DC and blocking IPv6.  Can anyone point me in the right direction; either a policy they have running or to some documentation that would be helpful?

Cyber_Saiyan

HI,

May be help

Best Practices for Installing Symantec Endpoint Protection (SEP) on Windows Servers

What is the last rule in your firewall?

Can you post the NTP log from when the time outs occur?

This article may be of some help, although it refers to 11.x it should still work for 12.1:

Symantec Endpoint Protection 11.0 Network Threat Protection (Firewall) Overview and Best Practices White Paper

http://service1.symantec.com/support/ent-security.nsf/docid/2007121714495348

Also, check this MS article:

Service overview and network port requirements for Windows

http://support.microsoft.com/kb/832017

we have got the same problem. are there any updates on your problem?

many thanks!