Hi All
I have a strange one that i have been in contact with support about but they don't seams to be having any luck finding a resolution to the issue. This one is going to take some explaining so bear with me as i detail the issue below.
Remote Site network Setup.
All computers a set on Workgroup Name: WORKGROUP and IP and Subnet address have been confirmed as correct using ipconfig on each machine.
Firewall rule to allow file and printer sharing so that server 1 can map network drives to the default C$ share on computer 1 and computer 2.
Under Policy: Computer Policy 1 and applied to Computer Group: Computer Group1
With both computer 1 & 2 in Computer Group1 and the SEP hosted console displaying that the Computer Policy 1 is 100% applied below is the results when you try and map the drives from server 1 to computer 1 & 2
Checking the firewall alerts showed the following results which shows that my allow rule isn't taking effect and that it still getting blocked by the default rule that you can't disable.
I contacted support and they had me create a new computer group Policy Test and move computer 1 to that group and then then create a new policy Test Policy1 with the firewall rule configured exactly as defined in this KB atical. http://www.symantec.com/docs/TECH213284
With the computers set to Any Computer the drive will map fine to computer 1 but if you chnage it back to Any Computer in the Local Subnet it will not map any more. This had support stumped and the level 2 backline tech asking me to try fixes that made no sence like doing a ipconfig /flushdns when I'm mapping by the static IP address and removing the computer from the workgroup and re-adding. Did both anyway just to keep them happy but it made no diffrence. They asked me to uninstall and re-install SEP on computer 1 and it started working and i though it was fixed and closed the ticket and moved computer 1 back to Computer Group1.
However 48 hours later the issue has returned and i can't map to computer 1 from server 1 again. I moved computer 1 back to the Policy Test group and confirmed that with it set to Any Computer it works but not when Any in Local Subnet. Had a look at the rule and noticed that under the Choose Computers option you can do User Network Address to manually define the network address and subnet mask. So as a test to show that it works when manually set to what the Any Computer in the Local Subnet option should be doing i set teh policy as below.
I tested again and i could now map to computer 1 from server 1.
So now that you know the story, setup and test results has anyone got an idea whats causing teh issues and how to permentantly fix it. As re-installing the endpoint protection service every 48hours or making it unsecure by selectiong Any Computer is not an option. Computer 1 has had the issue for 2 weeks now an i'm about ready to recommend a differnt AV product to my boss.