Solved

Problems instaling Symantec Endpoint Protection on Vista ... seems 137 and 138 are not listening

Posted on 2009-07-15
14
703 Views
Last Modified: 2013-12-09
How can I make sure the proper ports are listening.  According to the tech-note ( http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007111408431148) I need to make sure 137 and 138 are listening and it doesn't appear to be the case.

I am attaching a screen shot of netstat -abn  It does not show 137 and 138 as "listening"

This is a Vista system .. the firewall is disabled  ... any thoughts ?
netstatcapture.JPG
0
Comment
Question by:DanRaposo
  • 6
  • 4
  • 3
  • +1
14 Comments
 
LVL 7

Accepted Solution

by:
vvlada earned 250 total points
ID: 24862354
Hi,

Do you install SEP manager or SEP client? If it is the SEPM than do you use Vista 64-bit or 32-bit? If it is 64-bit, it is not supported as platform for SEP Manager.

If you are installing just SEP client, then you should pay attention to port 80 (http) for heartbit to SEP Manager and port 8443 (https) for content and product updates and policy update.

To access the SEP Manager, after you installed it, go to the browser and go to the http://<ip address of SEP Manager computer>:9090 (in case you use default values).

Best regards,
Vladimir
0
 

Author Comment

by:DanRaposo
ID: 24862492
I am installing 32-bit client.  I am not installing manager, nor did I know there was a remotely installable manager .. so thanks for that tip ;-)

netstat -abn shows it is listening on 80 and 443, but I still can't install.
0
 
LVL 7

Expert Comment

by:vvlada
ID: 24862567
Hi,

If this is SEP client, then you don't need to check 137 and 138. Since you didn't installed the product and something is listening on 80 and 443 then it looks as you have something (maybe Skype or IIS server or something else) that prevent SEP to install. What is the exact message that you get? Did you take a look at installation log (in %TEMP% folder, just type CD %temp% in Command Prompt to see where it is).

best regards,
Vladimir
0
 
LVL 7

Expert Comment

by:vvlada
ID: 24862586
Hi,

I forgot to write - you don't need ports 80 or 443 on client, since the client will initiate connection to SEP Manager on some port above 1024... So, the problem is not in ports but something else. Check MS Installer on that machine...

Best regards,
Vladimir
0
 

Author Comment

by:DanRaposo
ID: 24862741
The Error is "No Network provider accepted the given network path."

The credentials are correct.

The app never even begins install.  It can't get through to the PC so there are no logs to speak of in the TEMP folder.

0
 

Author Comment

by:DanRaposo
ID: 24863193
 I ran wireshark on the vista box and it seems that the SEP server (0.8)is not getting the ack for the client (0.184) .  This is repeated several times until timeout ...

1307       30.154742            192.168.0.184     192.168.0.8         TCP        55032 > ms-wbt-server [ACK] Seq=1148 Ack=17918 Win=16650 Len=0  
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 24883950
If you install the manager, it automatically opens the proper ports. It helps if you disable disable the client firewall's then un the deployment manager (part of endpoint manager) you select the option to deploy a client. It presents you with a view of your network. You select the workstation and add it into the dialogue box. It pushes the client to the workstation and it installs without any intervention.

I just performed this process on our network. it worked perfect.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:DanRaposo
ID: 24885647
I have the manager installed on a server box and it works for some but not all of our systems.   For example, my Vista (32-bit) system, with firewall disabled can not even be seen on the network.  But if I browse by IP, I can get there adn it will challenge for username pass of Domain Admin, but it will fail.
I have other systems that it will see, but not install properly on.   I shold also mention that we have an OpenLDAP/Samba domain not a true AD.
0
 
LVL 7

Expert Comment

by:vvlada
ID: 24885845
Hi,

Did you try to use local credentials instead of domain username and password?

Best regards,
Vladimir
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 250 total points
ID: 24885987
Check the Vista box and turn off the Firewall and disable the Anti Virus auto protest and file system protest. A;also if you have any spyware checker, disable that. If this dows not work you can copy the endpoint cliient to a flash drive or CD and then perform a manual install on that box.

Before doing that, make sure you have the correct 32 or 64 bit client.
0
 

Author Comment

by:DanRaposo
ID: 24895770
I was able to do the manual install, but I am trying to figure out why I can't do the automated managed install.  Firewall was off.  I may not have disable auto-protect, but I would think that now that SEP is on my system it should be allowing that through anyway ... no?


0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 24895882
If this PC is in the same domain and you are logged into the domain, there could be an anti spyware app that is blocking it.

The push process normally works great for me. Ocassionally I have to use the manual install. Sometines it's quicker to just accept a manual and get on with the days tasks. i'm sure you understand....
0
 

Author Comment

by:DanRaposo
ID: 24935979
I believe this is a case of running an OpenLDAP domain instead of AD.  I believe it is not always passing the proper local administrator credentials.  I believe this should be closed.  There were  sme helpful answers in here.  Moderators can I award points?
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 24984561
There is no need to ask moderators if you can award points.

If you are satisfied with your answer, click on the tab that says accept as answer, or accept multiple answers. Then, you can award points.

0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

PREFACE The purpose of this guide is to provide information to successfully install the MS SQL client tools for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technology…
I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now