Solved

DHCP requests not processed if Symantec EndPoint Protection 11.0 enabled

Posted on 2008-10-21
6
1,643 Views
Last Modified: 2013-11-22
Hello

Symantec endpoint protection 11.0 is blocking DHCP requests on my DHCP server running windows 2003 r2 sp2.

On my symantec management console, I have added a rule to allow DHCP in my firewall settings. I have also enabled all smart raffic diltering options. I created a package with these changes and deployed them.

DHCP traffic is still being blocked. f I disable end point protection on my DHCP server then DHCP traffic is allowed (I.e clients get leases). My DHCP server also acts as my DNS server
0
Comment
Question by:adimit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 20

Accepted Solution

by:
jimmymcp02 earned 500 total points
ID: 22770166
4. DHCP server traffic becomes blocked to and from the Symantec Endpoint Protection Manager and workstations cannot get an IP lease.

a. If users use the default firewall policy with the Symantec Endpoint Protection Client on the Microsoft SBS, and the server is performing the role of a DHCP server, and workstations will no longer successfully receive a DHCP lease from the server, since the default firewall policy blocks DHCP server traffic.

To fix:
i.Modify the default firewall policy to include a new rule for DHCP server traffic
http://blogs.technet.com/girish/archive/2007/12/06/symantec-endpoint-protection-11-0-with-sbs.aspx
0
 

Author Comment

by:adimit
ID: 22770374
I already saw and implemented  the same knowledge base article on the symantec web-site. As stated in my initial request I've already added a new rule in the firewall policy
0
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22778137
ok. what release maintanance are you using?
the current release maintanace (MR3) has improved console and client managment
http://www.symantec.com/business/support/endpointsecurity/sep11_faq-top-smb-issues.pdf
see page 2
FAQ: What do I do when my small business server stops receiving network connections?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:adimit
ID: 22824693
I have MR3 installed
0
 

Expert Comment

by:capt_morgan
ID: 24638618
I had the same issue and had to call Symatnec to get a resolution. The solution is to create a special protocol of type "0x888e" and add that as the first rule in your rule base. Ocne you do this you will get a DHCP address everytime,

I will attache a screen shot of how I set it up.
 
 
0
 

Expert Comment

by:OccIT
ID: 24701199
I would appreciate that screenshot if you could post it.  I am having the same issue.

Thanks!
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question