Scenario:
The HyperV hosts and hosted VM's all have AV + NTP installed, the firewall policy for the hosts only have rules necessary for the hosts themselves, not the hosted VM's (they have their own FW policies). We have just upgraded to 12.1 RU6 MP7 from 12.1 RU5, now NTP on the host is blocking traffic destined for its VM.
In the host's NTP traffic log, the VM's MAC and IP address are shown in the local host details.
I can work around this by creating a rule to allow all traffic to the VM's MAC address, however why do I now need to create these rules?
I have a case raised - 13921775, however Symantec support have been fairly poor, with the advice given of 'uninstalling NTP' and that this is fixed in MP8 (different issue): FIX 4074754 https://support.symantec.com/en_US/article.INFO4367.html
I have found the following threads, but none have a solution:
https://www.symantec.com/connect/forums/endpoint-protection-firewall-blocking-hyperv-vm
https://www.symantec.com/connect/forums/sep-windows-81-hyper-v-host-ntp-blocking-guest-vm
Any help appreciated!