Endpoint Protection

 View Only

  • 1.  Wireless broadband devices browsing issue

    Posted Jul 03, 2013 03:27 AM

    Dear All,

    I am facing an issue in our environment, SEP is blocking to browse through internet wireless broadband device in a machine. When i checked the firewall logs on problematic machine "block all other IP traffic and log" policy was blocking this device to browse.

    Is there any possible solution eg make another firewall rule or exclude it.

    If yes then how ??

    Regards,

    Irteza



  • 2.  RE: Wireless broadband devices browsing issue

    Posted Jul 03, 2013 03:44 AM

    Is this a USB 3G broadband modem connection? What Version of SEP Client are you running. If this is 3G there was a known issue about it -- currently fixed in 12.1 RU2 MP1 - have a look:

    New fixes and features in Symantec Endpoint Protection 12.1 Release Update 2 Maintenance Pack 1

    Article:TECH204685  |  Created: 2013-04-03  |  Updated: 2013-04-12  |  Article URL http://www.symantec.com/docs/TECH204685
     
    Systems are unable to connect to the network using 3G USB cards after installing Symantec Endpoint Protection firewall
    Fix ID: 2949361
    Symptom: Certain USB 3G cards require the configuration of extensive protocols to allow network traffic to pass through the firewall.
    Solution: Updated Teefer to allow for traffic missing certain header components to be processed.

     



  • 3.  RE: Wireless broadband devices browsing issue
    Best Answer

    Posted Jul 03, 2013 03:46 AM

    You might be having application and device control enabled in your environment.

    you can use the devviewer tool found in cd2 of symantec installation download. find the id and then add that in the device to be allowed in the rule.

    http://www.symantec.com/business/support/index?page=content&id=HOWTO80856

     

    if fw is blocking it then create a new firewall rule to allow to and from for this device

    Allow IP Traffic - This means that if any traffic doesn't match the firewall rule(either allow or deny) and if this option is checked then that particular traffic will be allowed. Sometimes we configure the firewall rule in such a way that we add only rules that allows a particular traffic and we do not add a rule at the bottom to deny traffic which doesn't match the above rules. If "Allow IP Traffic" is not checked then it will act as the bottom rule(deny all traffic)to drop all the packets except for the traffic which is generated from some applications(prompts user to allow or block traffic from that particular application). By default this option is checked so that it does not block all traffics other than specified in default firewall rule immediately after installation.