Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Symantec End Point will not allow DHCP accross more than one vlan.

Posted on 2011-03-15
6
1,355 Views
Last Modified: 2013-12-09
I recently purchased laptops with Windows 7.  I created the image that we were going to use for the other laptops.  Then I noticed an issue.  When Symantec End Point Protection 11.0.5 & 11.0.6  is installed on Windows 7, in a Windows 2003 domain environment, I am unable to pick up an IP address from the DHCP server across the wireless connection.  

When I plug into the network it works just fine, I am able to pick up the IP address. This of course is not trying to switch to another VLAN.

Let me explain the wireless dhcp settings.  When a computer is turned on the computer should receive an IP address from the DHCP server for the Machine WLAN.  This is when the laptop is at the log in screen.  Once the user logs in, whom ever this may be, the dhcp server assigns an IP address based on your credentials in Active Directory.  Either being a student, WLAN Student, techer, WLAN Teacher, Admin, WLAN Admin.  The laptop will pick up the Machine VLAN IP address just fine. Laptop will not pick up the assigned VLAN once a user logs in.

Thanks for your help in advance

David
0
Comment
Question by:david_trombley
  • 4
  • 2
6 Comments
 
LVL 14

Expert Comment

by:Ehab Salem
ID: 35137749
Are you using location profiles is SEPM?
What rules are applied to the new VLAN?
Did you enable logging and check the blocked traffic/packets log?
0
 

Author Comment

by:david_trombley
ID: 35147024
The rules that are applied to the VLAN are very limited on the IAS server there is one policy for the Domain Computers.  This policy uses NAS-Port-Tyoe IEEE 802.11 and Wireless Other for all domain computers.  Also I did not enable logging to check the blocked traffic/packets.  I am confused on the first question.  Hope this helps.  

0
 
LVL 14

Assisted Solution

by:Ehab Salem
Ehab Salem earned 500 total points
ID: 35147074
I am asking about the firewall rules in Symantec endpoint.
Regarding the first question, there is a "location awareness" in SEP, i.e. it changes the FW rules based on the location.
If you are sure the blocking is done via Symantec, then enabling logging will help identifying the problem.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Accepted Solution

by:
david_trombley earned 0 total points
ID: 35147089
OK, I see, I am pretty sure that SEP is doing the blocking.  When its not installed everything works great.  When it is installed I am stuck with a Machine WLAN IP Address.  Therefore not Internet access and so on.  I will look at SEP and see what I can find. and I will look at the rules also.

Thanks
0
 

Author Comment

by:david_trombley
ID: 35151161
I figured out what was blocking the DHCP service from obtaining the IP address.  The network threat protection for SEP was the corporate.  Thanks for your help.
0
 

Author Closing Comment

by:david_trombley
ID: 35178824
I trouble shoot the issue by disable the policies with in SEP.  I then tried disabling the Network Threat Protection on the local machine and once a restart happened this was re-enabled.  I then created an Install Package with in SEP and installed this on the laptop.  I then restarted while the Ethernet cable was plugged in and then updated the policy for SEP.  I then restarted again and all was working great.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
All of the resources available today make learning a new digital media easier than ever-- if you know where to begin. This is a clear, simple guide to a few of the basic digital art mediums and how to begin learning them on your own.
This video demonstrates basic masking and how to edit the mask to reveal the desired image.
The viewer will learn how to successfully download and install the SARDU utility on Windows 8, without downloading adware.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question