Solved

DHCP requests not processed if Symantec EndPoint Protection 11.0 enabled

Posted on 2008-10-21
6
1,613 Views
Last Modified: 2013-11-22
Hello

Symantec endpoint protection 11.0 is blocking DHCP requests on my DHCP server running windows 2003 r2 sp2.

On my symantec management console, I have added a rule to allow DHCP in my firewall settings. I have also enabled all smart raffic diltering options. I created a package with these changes and deployed them.

DHCP traffic is still being blocked. f I disable end point protection on my DHCP server then DHCP traffic is allowed (I.e clients get leases). My DHCP server also acts as my DNS server
0
Comment
Question by:adimit
6 Comments
 
LVL 20

Accepted Solution

by:
jimmymcp02 earned 500 total points
ID: 22770166
4. DHCP server traffic becomes blocked to and from the Symantec Endpoint Protection Manager and workstations cannot get an IP lease.

a. If users use the default firewall policy with the Symantec Endpoint Protection Client on the Microsoft SBS, and the server is performing the role of a DHCP server, and workstations will no longer successfully receive a DHCP lease from the server, since the default firewall policy blocks DHCP server traffic.

To fix:
i.Modify the default firewall policy to include a new rule for DHCP server traffic
http://blogs.technet.com/girish/archive/2007/12/06/symantec-endpoint-protection-11-0-with-sbs.aspx
0
 

Author Comment

by:adimit
ID: 22770374
I already saw and implemented  the same knowledge base article on the symantec web-site. As stated in my initial request I've already added a new rule in the firewall policy
0
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22778137
ok. what release maintanance are you using?
the current release maintanace (MR3) has improved console and client managment
http://www.symantec.com/business/support/endpointsecurity/sep11_faq-top-smb-issues.pdf
see page 2
FAQ: What do I do when my small business server stops receiving network connections?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:adimit
ID: 22824693
I have MR3 installed
0
 

Expert Comment

by:capt_morgan
ID: 24638618
I had the same issue and had to call Symatnec to get a resolution. The solution is to create a special protocol of type "0x888e" and add that as the first rule in your rule base. Ocne you do this you will get a DHCP address everytime,

I will attache a screen shot of how I set it up.
 
 
0
 

Expert Comment

by:OccIT
ID: 24701199
I would appreciate that screenshot if you could post it.  I am having the same issue.

Thanks!
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now