Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Unlock logs to mobile modems Internet

Created: 24 Jan 2013 | 9 comments
Hi my name is Xavier Lombeida and work in Ecuador BDO, work with the product Symantec Endpoint Protection (antivirus), and my problem is that it acquired mobile Internet modems (with the company clear, teams are Huawei E303 and work perfectly with Windows XP, but Windows 7 does not connect the mobile Internet, to disconnect the Firewall (Symantec Endpoint Protection also disconnected), the modem works, but that the company need not be left unprotected and without antivirus teams, there is a solution in console settings Symantec Endpoint Protection product?, to create a rule or policy logs to unlock mobile devices.
 
Thanks for your attention
 

Comments 9 CommentsJump to latest comment

.Brian's picture

It sounds like you need to add a rule to the firewall. What's showing in your traffic logs?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SebastianZ's picture

This is a known issue - the default rule "block all other traffic" will block the mobile 3g connections on many of the USB network adapters. You can try allowing the rule or creating an exclusion for Ethernet traffic for this adapter - fix should come with next SEP 12.1 release.

lomboex's picture

Yes Brian81 i need to create a rule of Firewall, please someone can show me a guide to create a rule in the Symantec Endpoint Protection?

.Brian's picture

Have a look at this

Adding a new firewall rule

Article:HOWTO81156  |  Created: 2012-10-24  |  Updated: 2013-01-25  |  Article URL http://www.symantec.com/docs/HOWTO81156

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

consoleadmin's picture

Creating an allow application rule in a Symantec Endpoint Protection Manager (SEPM) firewall policy
http://service1.symantec.com/SUPPORT/ent-security....

How to add a rule using the"Add Firewall Rule Wizard"
http://service1.symantec.com/SUPPORT/ent-security....

Symantec Endpoint Protection Manager - Firewall - Policies explained
http://www.symantec.com/business/support/index?pag...

Thanks.

SebastianZ's picture

For those following this thread:

12.1 RU2 MP1 introduces the fix for this issue:

New fixes and features in Symantec Endpoint Protection 12.1 Release Update 2 Maintenance Pack 1

Article:TECH204685  |  Created: 2013-04-03  |  Updated: 2013-04-12  |  Article URL http://www.symantec.com/docs/TECH204685
 
Systems are unable to connect to the network using 3G USB cards after installing Symantec Endpoint Protection firewall
Fix ID: 2949361
Symptom: Certain USB 3G cards require the configuration of extensive protocols to allow network traffic to pass through the firewall.
Solution: Updated Teefer to allow for traffic missing certain header components to be processed.
duncanblake36's picture

Hi,

    I'm having the same problem. We have a fleet of Dell Xt2 Tablet/laptops which run on internal 3g modems. We're creating a new image for them and have installed EPP12.1 with the latest updates. Since the install the new version the internet get blocked by the firewall as soon as an upload is detected. For example. Start the machine up. Download anything - fine. Go to www.speedtest.net and perform a speed test. Download works fine. Then when it runs the upload the browser stops. Then the internet is blocked and stops working. The only way to fix turn off the firewall and restart. When the firewall is off the internet works fine. Turn it on and it stops again.

I run the client in debug mode. Here is what the log has (just a snippet)

There is no firewall rules set (apart from the default ones on the client). There seems to be a rule called "Block_all" which I can't find anywhere.

Any help would be great....

2013/06/04 13:01:05.451 [3124:3712] CWscFwHandler: update status time out-2147483638
2013/06/04 13:01:06.481 [3124:3712] CWscFwHandler: update status time out-2147483638
2013/06/04 13:01:07.510 [3124:3712] CWscFwHandler: update status time out-2147483638
2013/06/04 13:01:07.573 [3124:4648] TSE3080: *********DROP PACKET**********
2013/06/04 13:01:07.573 [3124:4648] TSE: SecurityRule = Block_all
2013/06/04 13:01:07.573 [3124:4648] TSE3082: *** DROP PACKET ***
2013/06/04 13:01:07.573 [3124:4648] ======== TsPacket ====== BA: 0 == protocol: 2 ===
=== EtherII Packet=== len:143==== nic:0=====
11-01-fe-80-00-00  ---> 60-00-00-00-00-67 , protocol = 0x0

2013/06/04 13:01:08.540 [3124:3712] CWscFwHandler: update status time out-2147483638
2013/06/04 13:01:08.711 [3124:4648] TSE3080: *********DROP PACKET**********
2013/06/04 13:01:08.711 [3124:4648] TSE: SecurityRule = Block_all
2013/06/04 13:01:08.711 [3124:4648] TSE3082: *** DROP PACKET ***
2013/06/04 13:01:08.711 [3124:4648] ======== TsPacket ====== BA: 0 == protocol: 2 ===
=== EtherII Packet=== len:64==== nic:0=====
3a-ff-fe-80-00-00  ---> 60-00-00-00-00-18 , protocol = 0x0

2013/06/04 13:01:09.569 [3124:3712] CWscFwHandler: update status time out-2147483638
2013/06/04 13:01:10.599 [3124:3712] CWscFwHandler: update status time out-2147483638
2013/06/04 13:01:11.629 [3124:3712] CWscFwHandler: update status time out-2147483638
2013/06/04 13:01:12.658 [3124:3712] CWscFwHandler: update status time out-2147483638
2013/06/04 13:01:13.678 [3124:3712] CWscFwHandler: update status time out-2147483638
2013/06/04 13:01:14.695 [3124:3712] CWscFwHandler: update status time out-2147483638

AttachmentSize
debug.txt 121.04 KB
AjinBabu's picture

Hi, 

Try to upgrade one machine to 12.1 RU2 MP1 and test .

Regards

Ajin