Video Screencast Help

SEP 12.1 Firewall blocks Live Update in VMWare

Created: 01 Feb 2013 • Updated: 01 Feb 2013 | 9 comments
This issue has been solved. See solution.

Hi,

We have the following situation:

A computer with the newest managed SEP 12.1 Client on it. On this computer runs VMWare Player with a virtual machine. In this virtual machine runs an unmanaged version of the newest SEP Client.

The problem is, that Live Update doesn't work within that unmanaged virtual machine. On the host system with the managed client, Live Update works fine (both management server / Symantec Live Update Server).

In the host firewall log, an incoming TCP connection from the liveupdate server to the virtual machine is blocked. (firewall rule to block all ip traffic). Why does the host system blocks some traffic to the virtual machine? We already have a firewall rule to allow all traffic of the vmware adapters.

In the firewall log of the virtual machine, nothing gets blocked.

Why is Live update not working? (Everything like http/s and ftp is working)

Comments 9 CommentsJump to latest comment

.Brian's picture

Out of curiousity, does it work if you disable the firewall?

Did you specifically allow access to port 80/443 instead of hostname or IP?

LiveUpdate using dynamic IPs so you would need to add the specific port.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

BREL's picture

yes, when i disable the host firewall, live update starts immediately

.Brian's picture

Add a rule to allow 80/443 and move it to the top. Try running LU again.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Ashish-Sharma's picture

How to determine whether your firewall is blocking LiveUpdate

 

http://service1.symantec.com/support/sharedtech.nsf/docid/2003090514252213

Thanks In Advance

Ashish Sharma

 

 

BREL's picture

I've already tried this document. i can download the http://liveupdate.symantecliveupdate.com/livetri.zip file

BREL's picture

 

the host firewall log shows entries similar to that:

 

blocked

TCP incoming   192.168.101.224 (local ip of virtual machine) 1044 (local port)   213.248.114.174 (remote ip) 21 (remote port)

 

 

.Brian's picture

Well it also uses ftp so allow port 21 as well.

What happens if you create an allow rule and place it at the top of the list than? Some rule has to be doing this blocking...

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

BREL's picture

Just solved this problem:

We have a proxy in our network. in this network, the live update is not working within the virtual machine.

when i connect the computer to our guest network without proxy authentication, live update is working.

 

solution: the SEP client is using the system proxy settings by default. Now i changed one option in the unmanaged SEP Client of the virtual machine: in the Live Update Proxy configuration, i disabled the proxy.

After this configuration, the live update is working!

But i don't understand why the host firewall blocks some live udpate traffic when i use proxy authentication in the virtual machine!

SOLUTION