Endpoint Protection

 View Only

  • 1.  VMWare network blocked/ping loss by SEP 11

    Posted Jul 26, 2012 02:36 AM

    Hi all,

    I have a HOST with Windows Server 2008 R2, VMWare 8.0 and Symantec Endpoint Protection 11.0.7101 installed. (everything is up-to-date)

    If I start now a Virtual Machine on this Host then the communication to my gateway (Router) will be blocked. (within the VM is no SEP-Client installed)

    The most confusing thing: Not only the communication to the gateway from the VM is blocked also from the Host and all the other Clients on my network...

    I removed the Symantec SEP Client completely from the Host and the problem is gone!

     

    Already tried:

    - Allowed all IPv6 Traffic in the SEP Firewall

    - Created special Firewall Rule for local network and all adapter --> allow all

    - Excluded the whole network range from the IPS (Intrusion Prevention)

     

    But I still have the same problem as long as the SEP-Client is installed on the local Host... If I remove the SEP Client everything is working...

    Any ideas?

     



  • 2.  RE: VMWare network blocked/ping loss by SEP 11



  • 3.  RE: VMWare network blocked/ping loss by SEP 11

    Posted Jul 26, 2012 03:36 AM
      |   view attached

    Theses settings are all by default...

    Attached you can see my current Firewall settings...

    Any more ideas?



  • 4.  RE: VMWare network blocked/ping loss by SEP 11

    Posted Jul 26, 2012 08:57 AM

    Can we have Firewall Log Uploaded here please



  • 5.  RE: VMWare network blocked/ping loss by SEP 11

    Posted Jul 26, 2012 12:13 PM

    Thanks for your answer.

    I did many re-installations from SEP11 and also from the Manager... At the moment the logs are completely empty! Just one Denial of Service was recognized from one of my hardware clients.

    Any more ideas? It must have something to do with SEP... Because if I remove SEP from my Server everything is fine...

    At the moment all settings are standard settings. Except one Firewall Rule for my local network. (see screenshot above)

    Maybe the logs are empty because of the standard settings from SEP?



  • 6.  RE: VMWare network blocked/ping loss by SEP 11

    Posted Jul 27, 2012 06:11 AM

    I also installed now the newer version 11.0.7 MP2 but same problem.

    Over this installation I installed the 12.1.1 version and still same problem. But in this version I was able to find something in the NTP logfiles.

    I have a lot of entrys with 0x802 (ARP) traffic. (Rule: Block all other traffic)

    I created a new Rule to allow such traffic but still same problem...

    I have no ideas how I could solve this problem... Any ideas / suggestions ?