Solved

Symantec End Point will not allow DHCP accross more than one vlan.

Posted on 2011-03-15
6
1,360 Views
Last Modified: 2013-12-09
I recently purchased laptops with Windows 7.  I created the image that we were going to use for the other laptops.  Then I noticed an issue.  When Symantec End Point Protection 11.0.5 & 11.0.6  is installed on Windows 7, in a Windows 2003 domain environment, I am unable to pick up an IP address from the DHCP server across the wireless connection.  

When I plug into the network it works just fine, I am able to pick up the IP address. This of course is not trying to switch to another VLAN.

Let me explain the wireless dhcp settings.  When a computer is turned on the computer should receive an IP address from the DHCP server for the Machine WLAN.  This is when the laptop is at the log in screen.  Once the user logs in, whom ever this may be, the dhcp server assigns an IP address based on your credentials in Active Directory.  Either being a student, WLAN Student, techer, WLAN Teacher, Admin, WLAN Admin.  The laptop will pick up the Machine VLAN IP address just fine. Laptop will not pick up the assigned VLAN once a user logs in.

Thanks for your help in advance

David
0
Comment
Question by:david_trombley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 14

Expert Comment

by:Ehab Salem
ID: 35137749
Are you using location profiles is SEPM?
What rules are applied to the new VLAN?
Did you enable logging and check the blocked traffic/packets log?
0
 

Author Comment

by:david_trombley
ID: 35147024
The rules that are applied to the VLAN are very limited on the IAS server there is one policy for the Domain Computers.  This policy uses NAS-Port-Tyoe IEEE 802.11 and Wireless Other for all domain computers.  Also I did not enable logging to check the blocked traffic/packets.  I am confused on the first question.  Hope this helps.  

0
 
LVL 14

Assisted Solution

by:Ehab Salem
Ehab Salem earned 500 total points
ID: 35147074
I am asking about the firewall rules in Symantec endpoint.
Regarding the first question, there is a "location awareness" in SEP, i.e. it changes the FW rules based on the location.
If you are sure the blocking is done via Symantec, then enabling logging will help identifying the problem.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Accepted Solution

by:
david_trombley earned 0 total points
ID: 35147089
OK, I see, I am pretty sure that SEP is doing the blocking.  When its not installed everything works great.  When it is installed I am stuck with a Machine WLAN IP Address.  Therefore not Internet access and so on.  I will look at SEP and see what I can find. and I will look at the rules also.

Thanks
0
 

Author Comment

by:david_trombley
ID: 35151161
I figured out what was blocking the DHCP service from obtaining the IP address.  The network threat protection for SEP was the corporate.  Thanks for your help.
0
 

Author Closing Comment

by:david_trombley
ID: 35178824
I trouble shoot the issue by disable the policies with in SEP.  I then tried disabling the Network Threat Protection on the local machine and once a restart happened this was re-enabled.  I then created an Install Package with in SEP and installed this on the laptop.  I then restarted while the Ethernet cable was plugged in and then updated the policy for SEP.  I then restarted again and all was working great.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Developer portfolios can be a bit of an enigma—how do you present yourself to employers without burying them in lines of code?  A modern portfolio is more than just work samples, it’s also a statement of how you work.
Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
This video will demonstrate how to find the puppet warp tool from the edit menu and where to put the points to edit.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question