Endpoint Protection

I'm trying out the new SEP client beta and currently testing it with DirectAcces on a Win8 client. However, I can't seem to get it to work. I've found the article where I have to allow some ethernet protocols, and allow ipv6 (I've actually allowed everything there and some more just to test it out).. still can't get it to work. If i disable the Network Threat Protection, DirectAccess will work after a few seconds.. enable it, and i lose connection.

Any ideas? 

(says version 12.1.1989.1989 on the folder)

Check in SEPM firewall

Microsoft DirectAccess:
To allow Microsoft DirectAccess to work, you will need to:

1. Enable the Windows Firewall (for Windows 7, it should already show as enabled and managed by SEP).
2. Change the SEP firewall rules for IPv6 traffic to from "Block" to "Allow".
   • Please note the IPv6 support information below

Check this artical

http://www.symantec.com/business/support/index?page=content&id=TECH134869

Hello,

“Yes. In order to get DirectAccess working you need to do two things:

1. Enable the Windows Firewall

2. Change the SEP firewall rules for IPv6 traffic to from "block" to "allow"

Reference: http://www.symantec.com/docs/TECH134869

Also, Check this MS Article:

http://technet.microsoft.com/pt-pt/library/ee382257(v=ws.10).aspx

I am not sure if there are any more changes in Windows 8.

In my Windows 8 client, it says SEP has taken over the Windows Firewall role. Also, I have allowed IPv6 traffic. 

Have you allow IPV6 Firewall trafiic in SEPM console firewall ?

Is SEPM installed with the client? No i havent! 

edit: theres a folder named symantec endpoint protection manager, however theres no file that i can open.

Hi,

Open SEPM console -> Policies -> Firewall -> Change the SEP firewall rules for IPv6 traffic to from "Block" to "Allow".

So I guess i have to download SEPM first? I find it strange that I need another program to allow ipv6.

Hi,

What sep version are you using ?

SEPM Console are avaialble or not ?

SEP client are manage or Unmanaged ?

So you're using an unmanaged client?

The SEPM is the central management console for all the clients, in which all the changes are usually made. Is this not the case for you?

the beta version 12.1.2. SEPM console not available, unmanaged

ah okey, nah just wanted to test it with directaccess real quick :) But i guess it is a tad more complicated to test :( 

NTP - Network Threat Protection. IPv6 is initially blocked by default in SEP. You need to uncheck that option

Do the firewall logs show anything being blocked?

Hello,

Just to test, Could you try uninstalling the NTP protection from the Add /Remove Programs, restart the machine and check if that resolves the issue?

Hope that helps!!

Nope nothing actually. It seems everything is all good, but not! I'll install SEPM and try it out. Do I need to use a beta for that? Or is it fine to use the newest version I can find with SEP 12.1.2?

SEP client ->Network Threat Protection ->Option ->Configure Firewall Rules -> Allow all IpV 6 Traffic

Or Disable

SEP client ->Network Threat Protection ->Option ->Disable Network Threat Protection

Best to go with beta for that as well, just to be on same version across the board.

yeah works when i disable NPT :) takes a few seconds then I'm connected to directaccess. However, it would be nice to have this enabled!

HI,

You can Enable ipv6 traffic

SEP client ->Network Threat Protection ->Option ->Configure Firewall Rules -> Allow all IpV 6 Traffic

It's already on Allow, still doesn't work.

Can you post Screen shot for SEP firewall ?

HI,

Try to Disable the SEP firewall feature on add /remove program.

yup that works

But would be nice with that feature on :P any tips?

Hi,

any other option are avaialble ?

Some feature are missing in Snap shot provide other snap shot...

But you are using unmanaged client .

provide some other snapshot which are blocked service

I've allowed everything in the firewall to test this.

https://www-secure.symantec.com/connect/imagebrowser/view/image/2504511/_original

open the link to see the whole picture

HI,

Kindly unchecked option 6 and check working or not ?

It's says to allow but we will checked.

Your windows firewall on /off ?

unchecked option 1 through6, not working.

Checked them agian, not working.

Hi,

Your windows firewall on /off ?

HI,

Try to on windows firewall..

You can't turn on Windows Firewall when SEP is active. Even if i disable NTP, you still can't enable Windows Firewall. DirectAccess will see that there is a third party firewall there and will enable the settings needed to allow directaccess to work.

Hi,

It is advisable You can disable NTP feature or install SEPM manager so you can mange firewall  otherwise any possiblitiy are not available.

I've fixed the problem.

You have to allow Ethernet 0xDDC9. 

What is exactly ethernet 0xddc9?

HI,

This is Gigabit Ethernet driver

Ah okey thanks, and also one more question.. 

I got DirectAccess to work without allowing 0xfb33 and 0xfb34. Trying to figure out the minimum requirements that needs to be allowed. 

Could you tell me what these ethernet types are?

Support of Microsoft DirectAccess and IPv6 (in Windows 7)

http://www.symantec.com/business/support/index?page=content&id=TECH134869

How to configure Symantec Endpoint Protection 12.1 for use with Microsoft's DirectAccess

http://www.symantec.com/business/support/index?page=content&pmv=print&impressions=&viewlocale=&id=HOWTO55829