Endpoint Protection

Hi

I can't take it any longer. I've been trying to figure out how to configure the firewalls for an old version of ghost (7.5). SEP (11) is installed on both the client (XP) and the server (Server 2003). If I drop the firewall on both sides, the backup runs just fine. It's just that I haven't been able to figure out what rules I need so the firewall doesn't have to be dropped. The simplest approach I found was to open UDP 1345-7,6666, and 7777 in both direcitons on both ends, but that didnt' work. I found a couple of other articles that talk about IGMP (which should work here) and how the communication works between both ends, but was unable to get things to work. Sometimes I get a heartbeat, but that will go away after a while. My latest attempt didn't even get through wake-on-lan. I think I've been at this too long and have gotten way too confused.

Does someone know what rules I need where to put where to get it to go?

Thanks!!

Ed

suggest to open a support ticket,

identify the port required and then configure it on SEP.

Phone numbers to contact Tech Support:-

Regional Support Telephone Numbers:
United States: https://support.broadcom.com (407-357-7600 from outside the United States)
Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
United Kingdom: +44 (0) 870 606 6000

India: Toll-Free 000 800 4401 456 directly

IDD call: +61 2 8220 7111

Additional contact numbers: http://www.symantec.com/business/support/contact_techsupp_static.jsp

How to create a new case in MySupport

http://www.symantec.com/business/support/index?page=content&id=TECH58873

Create a case with Ghost and support and make sure you get thing done in a right way...

Hi

Wow, thanks for the replies. Unfortunately, our site license for SEP says no support. Or maybe I'm not understanding things and this wouldn't count in that category. If that's the case, I'm all over it...

Ed

We are here to help you anytime.........

Hi

OK, well I tried but got stumped as soon as it asked for a tech support number, which I don't have. Not sure what else to do.

Thanks

Hi,

I can try to find out support number if previously would have logged any case with Symantec?If yes, please share the case number with me?

If you have valid subscription then should be able to log a case with Symantec.

Let me know if any help required.

Check your email regarding to the purchase order of symantec product.

You can find the support ID

Please contact licensing team and check with them if you are eligible for support.

Customer Care Contact Numbers for Licensing Issues:-

http://www.symantec.com/support/assistance_care.jsp

Hi

I called the licensing center and was told we do have support until 9/9, so I now can open the case with the number that I was given. The nice lady on the phone gave me a different 800 number to use, which is a little confusing, but since I started here I prefer to stay here. That said, I'm opening a case through the tech support link Homer (!) gave. If that is the wrong thing to do, please let me know.

Thanks again!

Hi

OK, after some pain, I finally have the call started: 418-925-940

Thanks!

Hi

I want to close the loop on this. Since there are other articles about the ports that need to be open, though not complete from what I've found, I'm posting what I've found works. I have no idea whether there are better rules or even if some of these are unnecessary. This is merely what has worked several times for me. I'd certainly be interested if someone has a better set.

On the server:

Local: UDP 137, 1345, 1347, 6666 Remote: Ghost Clients UDP 137, 1025, 1346, 7777

Local: TCP 1347 Remote: Ghost Clients TCP 1347

Remote: 224.0.0.22, 224.77.1.0

Local: UDP 1347 Remote: Broadcast UDP 1346

On the client:

Local: UDP 1346 TCP 1347 Remote: Ghost Server UDP 1345, 1347

Remote: Broadcast, Ghost Server UDP 137

Remote: 224.0.0.22, 239.255.255.250, 229.55.150.208

There were several things that didn't work the way I expected. Trying to limit these rules to the applications caused them to be ignored. Obviously, the use of an application works since there's a rule to pass all application traffic, but for some reason I couldn't get it to work here. Combining the first 2 server rules into 1 caused it to not work. No idea why. For some reason, the distinction between inbound and outbound didn't work (if I remember correctly, inbound matched nothing and outbound matched both), causing the rules to not work, so these are all both directions.

Thanks

Ed

Hi,

Thanks for an update.