I am having problems getting an Azure Connect Endpoint to connect properly with Endpoint Protection installed on the computer.
Here is what I know:
-It is not my firewall causing the problem. (Two other computers without Symantec Endpoint installed are currently communicating through Azure Connect and the firewall)
-I am not using a proxy server and local proxy settings on my laptop have been verified.
-Windows Firewall exceptions have been configured and verified for outgoing port 443, as well as testing with turning Windows firewall completely off.
-Application exceptions have been configured in Symantec Endpoint for Azure Connect Endpoint software.
-Manually stopping the ccSvcHst.exe service for Symantec and retesting the connection failed.
-Azure Connect Endpoint Diagnostics verify all settings and certificates are correct for the connection policy and IPsec authentication (certificates).
-A Wireshark capture of the SSL handshake between Azure and my laptop appears to be proper. “Keep Alive” pings between Azure and my laptop are being exchanged.
From what I can see, Symantec is blocking the creation of the PPP tunnel on my laptop. So far, the only way to successfully create the connection to Azure is to completely uninstall the Symantec Endpoint software. Just turning Symantec off does not remedy the issue. This thread exactly describes the symptoms and steps we have observed and taken for this problem.
http://social.msdn.microsoft.com/Forums/en-US/windowsazureconnectivity/thread/f5e7c2bf-6542-41b4-a708-6efcc0bc4d1d
This appears in the sytem logs:
SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe Event Info: Open Process ActionTaken: Blocked Actor Process: C:\WINDOWS\INSTALLER\MSIC331.TMP (PID 5272) Time: Thursday, August 16, 2012 9:59:00 AM
As well as this:
Log Name: Application
Source: RasClient
Date: 8/17/2012 10:34:32 AM
Event ID: 20227
Task Category: None
Level: Error
KeywordsLog Name: Application
Source: RasClient
Date: 8/16/2012 10:01:53 AM
Event ID: 20227
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: IAE2011012.iae-online.local
Description:
CoId={6FF7DAE8-7913-4AEE-88AB-67E80D094EC2}: The user SYSTEM dialed a connection named Windows Azure Connect Relay5 1 which has failed. The error code returned on failure is 703.
Is anyone familiar with this issue or a fix?