Solved

Symantec End Point will not allow DHCP accross more than one vlan.

Posted on 2011-03-15
6
1,349 Views
Last Modified: 2013-12-09
I recently purchased laptops with Windows 7.  I created the image that we were going to use for the other laptops.  Then I noticed an issue.  When Symantec End Point Protection 11.0.5 & 11.0.6  is installed on Windows 7, in a Windows 2003 domain environment, I am unable to pick up an IP address from the DHCP server across the wireless connection.  

When I plug into the network it works just fine, I am able to pick up the IP address. This of course is not trying to switch to another VLAN.

Let me explain the wireless dhcp settings.  When a computer is turned on the computer should receive an IP address from the DHCP server for the Machine WLAN.  This is when the laptop is at the log in screen.  Once the user logs in, whom ever this may be, the dhcp server assigns an IP address based on your credentials in Active Directory.  Either being a student, WLAN Student, techer, WLAN Teacher, Admin, WLAN Admin.  The laptop will pick up the Machine VLAN IP address just fine. Laptop will not pick up the assigned VLAN once a user logs in.

Thanks for your help in advance

David
0
Comment
Question by:david_trombley
  • 4
  • 2
6 Comments
 
LVL 14

Expert Comment

by:Ehab Salem
ID: 35137749
Are you using location profiles is SEPM?
What rules are applied to the new VLAN?
Did you enable logging and check the blocked traffic/packets log?
0
 

Author Comment

by:david_trombley
ID: 35147024
The rules that are applied to the VLAN are very limited on the IAS server there is one policy for the Domain Computers.  This policy uses NAS-Port-Tyoe IEEE 802.11 and Wireless Other for all domain computers.  Also I did not enable logging to check the blocked traffic/packets.  I am confused on the first question.  Hope this helps.  

0
 
LVL 14

Assisted Solution

by:Ehab Salem
Ehab Salem earned 500 total points
ID: 35147074
I am asking about the firewall rules in Symantec endpoint.
Regarding the first question, there is a "location awareness" in SEP, i.e. it changes the FW rules based on the location.
If you are sure the blocking is done via Symantec, then enabling logging will help identifying the problem.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Accepted Solution

by:
david_trombley earned 0 total points
ID: 35147089
OK, I see, I am pretty sure that SEP is doing the blocking.  When its not installed everything works great.  When it is installed I am stuck with a Machine WLAN IP Address.  Therefore not Internet access and so on.  I will look at SEP and see what I can find. and I will look at the rules also.

Thanks
0
 

Author Comment

by:david_trombley
ID: 35151161
I figured out what was blocking the DHCP service from obtaining the IP address.  The network threat protection for SEP was the corporate.  Thanks for your help.
0
 

Author Closing Comment

by:david_trombley
ID: 35178824
I trouble shoot the issue by disable the policies with in SEP.  I then tried disabling the Network Threat Protection on the local machine and once a restart happened this was re-enabled.  I then created an Install Package with in SEP and installed this on the laptop.  I then restarted while the Ethernet cable was plugged in and then updated the policy for SEP.  I then restarted again and all was working great.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
A list of useful business intelligence software.
This video will demonstrate how to find the puppet warp tool from the edit menu and where to put the points to edit.
Viewers will learn how to use the Hootsuite Dashboard.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now