Hi,
I had logged the case in symantec Technical Support for this issue. I have recieved the mail from Symantec stating that there is a issue with the MR4SP2 version (for DHCP enforcer NAC). And advised me to wait for MR5MP1 release.
Symantec Technical Support also told me that they have same cases like this with them and developement team is working on the same.
This is just for information, so if any one is facing this same issue has to wait for MR5MP1 release.
Regards,