Symantec Endpoint blocking ALL Internet Traffic on Windows 7

Posted on 2010-04-08
Medium Priority
Last Modified: 2013-11-16
I have a few new laptops running Windows 7 that need to use the Unmanaged Symantec Endpoint Client.  However, on reboot, all of them experience the same symptom--they are blocked from all internet traffic unless I disable the Network Threat Protection.  I'm sure there's a setting I can change, but I don't know what it is.  Help please!
Question by:LPJackson76
  • 2
  • 2

Expert Comment

ID: 30109110
Is the log reporting anyting?

Author Comment

ID: 30109423
Log just says that everything is blocked based on rules.  The rules enabled are the default rules, which say "Block IPv6" and "Block IPv6overIPv4".  There is an entry for Allow All IP Protocol types, but that one is not checked.  I didn't want to disable the two blocks or enable the Allow All because I was unsure what the reprecussions of that might be.
LVL 39

Accepted Solution

itsmeandnobodyelse earned 2000 total points
ID: 30110758
>>>> I didn't want to disable the two blocks or enable the Allow All

You should disable them just to see whether that solves your problem. I think it will solve the blocking issue but doubt that the IPv6 requests can be processed by your router.

Check the settings of the network adapter. I assume you have (only) IPv6 service enabled and that's why you were blocked. Check the IPv4 as well (all properties set to automatic) cause I assume that your router also works on IPv4 (IPv6 surely is overkill for a LAN which needs a handful IP numbers).

Author Comment

ID: 30116445
Disabling the two blocks had no effect, but enabling the "Allow All" fixed the problem.  Is there any kind of security risk though with that enabled?
LVL 39

Expert Comment

ID: 30118080
>>>> Is there any kind of security risk though with that enabled?

Only if you have malware on your system. Then they could go out with no restrictions.

I wonder why Symantec should block normal internet browsing. You could try to add a rule which allows outgoing and incoming messages on port 80 (WEB) but actually I think there is another issue why it doesn't work. I run Norton Internet Suite on W7 and I had to define rules for my (second) LAN but not for the internet.

Did you check your network settings? What services did you have enabled?

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question