Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

simple endpoint 11 question (i hope)

Created: 02 Jan 2008 • Updated: 21 May 2010 | 7 comments
smileyvery-happy:
 
this seems like a very simple fix, but the simplest things sometimes
are the hardest!!!

i have endpoint 11 on a laptop i use on a home wireless network.  i
can't see the other computers on the wirelesss network unless i
disable network threat protection.  then i discovered the ability to
configure firewall rules.  i tried to tweek the three rules that were
already set from instalation, but to no avail.  i created a new rule
to allow all traffic on all ports through all protocols on all network
adapters.  i was then able to see the other machines on my network,
but this doesn't seem like the right thing to do because i feel like
i've left the firewall wide open.

my question is...how do i set one of the three pre-installed firewall
rules to allow me the simple task of seeing the other machines on my
little home wireless network...without compromising the rest of the
firewall features and security?

thanks...

scott

Comments 7 CommentsJump to latest comment

Abhishek Pradhan's picture

Unmanaged Symantec Endpoint Protection 11.0 clients cannot access shared network folders when Network threat protection is installed and enabled.

Solution -

Creating a rule to allow network file and printer browsing
Open the "Symantec Endpoint Protection client interface."
Click Options beside "Network Threat Protection". This will open a menu.
Click Configure Firewall Rules... in the menu. This will open the "Configure Firewall Rules..." page.
Click Add.... This will open the "Add Firewall Rule" page.
On the "General" tab, name the rule. In the "Action" section, click Allow this traffic.
On the "Ports and Protocols" tab, select TCP from the "Protocol" menu.
In the "Remote ports:" box, type 88,135,139,445
Click OK
Click the Add... This will open the "Add Firewall Rule" page.
On the "General" tab, name the rule. In the "Action" section, click Allow this traffic.
On the "Ports and Protocols" tab, select UDP from the "Protocol" menu.
In the "Remote ports:" box, type 88.
In the "Local ports" box, type 137,138
Click OK.
Confirm that both of the new rules are enabled (have a check mark beside them).

Do let us know if this helps.

Abhishek Pradhan,
Symantec Corp.

Abhishek Pradhan, PMP, MCT
Blog: http://blog.abhishekpradhan.net | SIG Lead - Pune IT Pro (Microsoft Pune User Group) | http://www.puneusergroup.org

salchichon's picture
:smileyvery-happy:
 
sorry...that didn't do it.  thanks for your response though.  i triple checked the settings you suggested and the wife checked them once also.
 
another sugestion?
 
thanks...
 
scott
Sandeep Cheema's picture
Scott,
 
This shouldnt be too tough.
 
What you have to do is add a blank rule and move it right at the top(Do you see the move up button over there ?)
 
Once it sits there, you have to double click on the services under it and select all the services that you think would be used in your environment.
 
Click on OK and then assign the policy to the desired groups and update the respective clients with the new modified policy.
 

De facto when AV does something, it starts jumping up and down, waving its arms, and shouting...

"Hey!  I found a virus!  Look at me!  I'm soooo goooood!"

salchichon's picture
:smileyvery-happy:
 
i did create a blank rule like i said in my original post, but i was afraid i was compromising the rest of the firewall security by allowing everything to come through on all ports and all adapters.
 
should i have moved the rule Abhishek Pradhan suggested up to the top of the list?  remember, there were three other firewall rules pre-loaded in the program when i installed it.  i don't know enough yet about those rules, so i figured those were common and important firewall rules,  so i didn't delete or modiy them.
 
thanks...
 
scott 
lawman 2's picture

Scott,

 

A simple question for you, are, what version of SEP 11 are you using> If it is not MR1 are you sure you were getting on the wireless network with out the allow all rule.  SEP 11 prior to MR1 had an issue with no rule to allow EAPOL so if you wireless was secured using WPA you would not be able to connect by default.  The allow all rule you added  would have fixed this but it's probably not the best idea to allow all. 

salchichon's picture
:smileyvery-happy:
 
version 11.0.780.1109
 
believe it or not, the network doesn't have the wep function turned on, so that isn't an issue.  i was complely able to see all other machines and printers on my wireless network before i installed endpoint. 
 
thanks...
 
scott
salchichon's picture
:smileyvery-happy:
 
i tried moving Abhishek Pradhan rule to the top of the pre-loaded rules.  no success. 
 
could he have left out a step or setting?
 
scott