?
Solved

DHCP requests not processed if Symantec EndPoint Protection 11.0 enabled

Posted on 2008-10-21
6
Medium Priority
?
1,664 Views
Last Modified: 2013-11-22
Hello

Symantec endpoint protection 11.0 is blocking DHCP requests on my DHCP server running windows 2003 r2 sp2.

On my symantec management console, I have added a rule to allow DHCP in my firewall settings. I have also enabled all smart raffic diltering options. I created a package with these changes and deployed them.

DHCP traffic is still being blocked. f I disable end point protection on my DHCP server then DHCP traffic is allowed (I.e clients get leases). My DHCP server also acts as my DNS server
0
Comment
Question by:adimit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 20

Accepted Solution

by:
jimmymcp02 earned 1500 total points
ID: 22770166
4. DHCP server traffic becomes blocked to and from the Symantec Endpoint Protection Manager and workstations cannot get an IP lease.

a. If users use the default firewall policy with the Symantec Endpoint Protection Client on the Microsoft SBS, and the server is performing the role of a DHCP server, and workstations will no longer successfully receive a DHCP lease from the server, since the default firewall policy blocks DHCP server traffic.

To fix:
i.Modify the default firewall policy to include a new rule for DHCP server traffic
http://blogs.technet.com/girish/archive/2007/12/06/symantec-endpoint-protection-11-0-with-sbs.aspx
0
 

Author Comment

by:adimit
ID: 22770374
I already saw and implemented  the same knowledge base article on the symantec web-site. As stated in my initial request I've already added a new rule in the firewall policy
0
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22778137
ok. what release maintanance are you using?
the current release maintanace (MR3) has improved console and client managment
http://www.symantec.com/business/support/endpointsecurity/sep11_faq-top-smb-issues.pdf
see page 2
FAQ: What do I do when my small business server stops receiving network connections?
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 

Author Comment

by:adimit
ID: 22824693
I have MR3 installed
0
 

Expert Comment

by:capt_morgan
ID: 24638618
I had the same issue and had to call Symatnec to get a resolution. The solution is to create a special protocol of type "0x888e" and add that as the first rule in your rule base. Ocne you do this you will get a DHCP address everytime,

I will attache a screen shot of how I set it up.
 
 
0
 

Expert Comment

by:OccIT
ID: 24701199
I would appreciate that screenshot if you could post it.  I am having the same issue.

Thanks!
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question