Nortons firewall issue

Posted on 2014-08-31
Last Modified: 2014-09-30
Hi all - I'm experiencing a strange issue with Symantec's Nortons Intenet Security in that an application that I've created both .exe and TCP/UDP port allowance rules for is still being blocked.

But it's only blocked on first run/instance after connecting to a VPN.

If the Smart Firewall is disabled (for 15 mins or however long), then the application being blocked is opened, it will connect and work fine.  I can enable the firewall and it still works fine.
I can exit the application and run it again and it STILL works fine while the firewall is on.

It only seems to be after the computer connects to the VPN for the first time each day that Nortons' Smart Firewall needs to be temporarily disabled.

Any suggestions on how I might fix it?
Question by:Reece Dodds
    LVL 23

    Expert Comment

    by:Mohammed Hamada
    Is there any updates for the firewall? It could be a bug!
    LVL 87

    Expert Comment

    Of course Symantec/Norton is a bug. If this is a private PC, remove that crap and install a good AV utility. Panda free antivirus is the best I can recommend. The Windows built-in firewall is more than adequate, so you don't need any 3rd party firewall.

    If it is a company PC and it isn't your decision on what AV utility you can install, at least disable the norton firewall and just use the Windows built-in one.
    LVL 60

    Assisted Solution

    There is somehow similar symptom seen..
    If you are using NIS v. (not NIS v. 20.x) and have the Smart Fiirewall setting for Advanced Events Monitoring turned ON (Settings | Network | Smart Firewall | Advanced Settings | Configure | Automatic Program Control | Configure | Advanced Events Monitoring), please see slee2's thread here.  There appears to be a bug in the NIS v. 21.x firewall, and the only solution I've seen so far is to either turn OFF the Advanced Events Monitoring or downgrade back to NIS 20.x as instructed here.

    may want to turn on monitoring to see how the FW is acting based on ruleset on the application traffic interested. By default in "Automatic Program Control" Norton take decisions when a program receives inbound or outbound traffic - we can turn off and turn on Advanced Events Monitoring. Note that this will prompt with numerous firewall alerts.
    When you allow the event, the event details appear under the relevant category that is available in Advanced Events Monitoring. The application that triggers the allowed event is added to the trusted list of its corresponding category in Advanced Events Monitoring. You can remove the application from the list. In this case, firewall alert appears when the application triggers the event next time.

    Maybe above may help to isolate the issue since configurations does not seems to work seamless and as expected (like happened almost with VPN on). Probably has to try other machine as well or re-install the appl if required.
    LVL 7

    Accepted Solution

    I tried the suggestions above with no luck.
    I ended up creating a traffic rule that allowed ALL traffic TO and FROM the external IP address of the VPN server and also the IP range of the VPN network when connected.
    This appears to have fixed the problem.

    Thanks for your help though.
    LVL 7

    Author Closing Comment

    by:Reece Dodds
    resolved by creating a blanket rule for all traffic regardless of application and packet type for the IP addresses associated with the VPN.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now