Nortons firewall issue

Hi all - I'm experiencing a strange issue with Symantec's Nortons Intenet Security in that an application that I've created both .exe and TCP/UDP port allowance rules for is still being blocked.

But it's only blocked on first run/instance after connecting to a VPN.

If the Smart Firewall is disabled (for 15 mins or however long), then the application being blocked is opened, it will connect and work fine.  I can enable the firewall and it still works fine.
I can exit the application and run it again and it STILL works fine while the firewall is on.

It only seems to be after the computer connects to the VPN for the first time each day that Nortons' Smart Firewall needs to be temporarily disabled.

Any suggestions on how I might fix it?
LVL 8
Reece DoddsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mohammed HamadaSenior IT ConsultantCommented:
Is there any updates for the firewall? It could be a bug!
0
rindiCommented:
Of course Symantec/Norton is a bug. If this is a private PC, remove that crap and install a good AV utility. Panda free antivirus is the best I can recommend. The Windows built-in firewall is more than adequate, so you don't need any 3rd party firewall.

If it is a company PC and it isn't your decision on what AV utility you can install, at least disable the norton firewall and just use the Windows built-in one.
0
btanExec ConsultantCommented:
There is somehow similar symptom seen..
http://community.norton.com/t5/Norton-Internet-Security-Norton/Firewall-monitor-rule-effects/td-p/1058267
If you are using NIS v. 21.1.0.18 (not NIS v. 20.x) and have the Smart Fiirewall setting for Advanced Events Monitoring turned ON (Settings | Network | Smart Firewall | Advanced Settings | Configure | Automatic Program Control | Configure | Advanced Events Monitoring), please see slee2's thread here.  There appears to be a bug in the NIS v. 21.x firewall, and the only solution I've seen so far is to either turn OFF the Advanced Events Monitoring or downgrade back to NIS 20.x as instructed here.

may want to turn on monitoring to see how the FW is acting based on ruleset on the application traffic interested. By default in "Automatic Program Control" Norton take decisions when a program receives inbound or outbound traffic - we can turn off and turn on Advanced Events Monitoring. Note that this will prompt with numerous firewall alerts.
https://support.norton.com/sp/en/us/home/current/solutions/v19134741_N360_Security_CC_2014_en_us
When you allow the event, the event details appear under the relevant category that is available in Advanced Events Monitoring. The application that triggers the allowed event is added to the trusted list of its corresponding category in Advanced Events Monitoring. You can remove the application from the list. In this case, firewall alert appears when the application triggers the event next time.

Maybe above may help to isolate the issue since configurations does not seems to work seamless and as expected (like happened almost with VPN on). Probably has to try other machine as well or re-install the appl if required.
0
Reece DoddsAuthor Commented:
I tried the suggestions above with no luck.
I ended up creating a traffic rule that allowed ALL traffic TO and FROM the external IP address of the VPN server and also the IP range of the VPN network when connected.
This appears to have fixed the problem.

Thanks for your help though.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Reece DoddsAuthor Commented:
resolved by creating a blanket rule for all traffic regardless of application and packet type for the IP addresses associated with the VPN.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.