Network Access Control

Hi,

We've just implemented SNAC with DHCP Enforcer. We put the DHCP Enforcer into the network, in front of the DHCP server. But after putting the DHCP Enforcer in front of the DHCP server, we found the problem that we cannot connect to the DHCP server for sometimes.

 We could see from the network connection loss from the graph that we use to monitor the DHCP server, compare to the graph captured before implementing DHCP Enforcer.

Before implementing DHCP Enforcer,




After implementing DHCP Enforcer,




Does anyone face a problem like this? What should we do to correct this problem?
We already add the MAC address of the DHCP server as the Trusted Host for DHCP Enforcer.
What should we do other things else?
Please suggest

Thanks,

This KB may shed some light on your issue.

How to configure the Microsoft DHCP server for use with the Symantec DHCP Enforcer

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/d7a33737c3653dba80257354003dbc12?OpenDocument

We've already done the tasks according to KB since we had placed the DHCP Enforcer in front of the DHCP server. But i'm not sure if we have to tune parameters other than in specified in DHCP server.

Anyway, I would like to ask some questions. Other than DHCP packets, does the DHCP Enforcer concern other packets passing through DHCP Enforcer?

Please suggest.

Thank you very much

Unfortunately I am not an expert on DHCP enforcers. These two Symantec KB's may help answer your questions.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008120314183448

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007092617525648



If you are still having issues, I suggest you open a case with support.

https://mysupport.symantec.com/

http://www.symantec.com/business/support/contact_techsupp_static.jsp