Endpoint Protection


Location Awareness switching not working

  • 1.  Location Awareness switching not working

    Posted May 22, 2018 06:12 AM

    Hi,

    Like several companies, I want to prevent my users from browsing the Internet without protection.

    So, I have decided to force them to connect to the VPN to use all the security devices when navigating on the Internet.

    To do that, I want to use Symantec Endpoint Protection, Firewall option.

    At the moment, I am unable to get it to work properly.

     

    First, I have created 2 locations

    Office vs Outside.

    On the Office location, the firewall is disabled. On the Outside location, the firewall is enabled and blocks everything except the VPN server IP.

    I have entered some criteria, so if an internal server responds to a ping, then you are in the Office location.

    The main issue with that is when users are at the hostel, or in a business partner's office, they have to use a captive portal. The computer applies the "Outside" location and the firewall is enabled.

    Symantec firewall sees captive portals as a hacker (man-in-the-middle attack, I guess) and blocks connections to the main portal page. It is impossible to go ahead and get Internet access to use the VPN.

     

    Well,

    I have decided to create another location, "Captive".

    In this location, the firewall is disabled, and it matches this criterion if the computer gets a private IP (192.168.x.x) and cannot ping something on the Internet (Google for example).

     

    The main issue now is that SEP randomly does not switch from Captive to Outside to Office.

    If I restart the smc service, the client takes the good location immediately. But switching while running randomly does not work.

    This is pretty annoying as I have to wait up to 30 minutes to get the right location.


    The "remember last location" option is unchecked in the communication settings.

    The location check is set to 30 seconds.

    I have enabled SMC debugging, Sylink debugging, VP debugging, but I am still unable to find any location awareness log.

    Does anybody have an idea to resolve my issue? Or any idea to reach the target (prevent users from using the Internet except through the VPN)?

    Thank you.