Avatar of Jason Johanknecht
Jason Johanknecht
Flag for United States of America asked on

Norton 360 random microsoft windows 2000 smb rule rejects network traffic in logs

Brand new Dell Optiplex 3080 with Norton 360 Deluxe, sharing files to 2 computers.  File sharing works fine for a couple of days and then starts blocking most network traffic (e-mail, file sharing, and printing).  Internet access is still good.  Disabling the firewall in Norton will bring all functions back.  Norton is logging "Rule: MS Windows network 2000 SMB" and blocking ports (port 445 for file sharing for example).  I used Norton R&R to reinstall 360, and it worked for a couple of days again.  Then the same problem returned.  Same error messages.  I have made sure the firewall has local network as either PRIVATE or FULL TRUST.  I have made sure the rule mentioned above is still set to allow and enabled (Not reject).  I have given one of the computers a static IP and included the IP and MAC address in Norton firewall with FULL TRUST.  Still nothing unless I disable the firewall.  Norton tech support said it was because I had a static IP on the computer.  Then said change the static IP to another IP address.  Didn't fix things and they gave up.


The problem starts when e-mail stops working in Outlook 2021, using IMAP e-mail from GoDaddy Workspace e-mail.  Still trying to get them to move to a better e-mail host.  GoDaddy has found no problems with the e-mail account and the other e-mail account never has a problem on Outlook 2016 on the other 2 computers (Same user).  Same Norton 360 installation on all computers (Windows 10 - 20H1 or newer).

 

The computer that has problems is used heavily every day (About 90% of all computing use in the clients company) and has no other problems outside of the firewall.  All functions work perfectly with the firewall disabled.  Running things like SFC, DISM, CHKDSK have yielded no effects and find no problems or corruption.

MicrosoftWindows 10Anti-Virus AppsWindows OSSoftware Firewalls

Avatar of undefined
Last Comment
Jason Johanknecht

8/22/2022 - Mon
Adam Leinss

Not a direct answer to your question, but why do you need a firewall locally?  Presumably, you are behind a router, so you don't really need a firewall, unless you are worried about someone else connecting to your computers on your local network.

I disable the Windows software firewall on all my home computers.  Even if someone was on my local network, they would have to know what login/password to use to get to my file shares.
Jason Johanknecht

ASKER
It is a business computer, and I have never heard anyone suggest not needing a firewall.
David Johnson, CD

Note: this is my personal opinion only.

Norton 360 seems to be the problem.  Remove it until they either fix it or simply forget about using it again.  I really loved Norton until Symantec took over and made it bloatware, their new ownership hasn't really improved things.

Windows Defender/Windows Firewall and Malware Bytes Premium is all you need.
I also don't disable firewalls I fix the rules so that things work.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Tony J

I agree wholeheartedly with David. Don't just turn things off - that isn't the way. Fix the issues.

In most cases there is no need to use anything other than Defender with a weekly or monthly scan with Malwarebytes' free product, though the premium product will work hand in hand with Defender and not cause any performance etc issues.

Adam - you are dangerously misinformed if you don't think you need "local" firewalls, I am afraid. Without firewalls, there's nothing to stop a compromised computer running amok on your systems - indeed, firewalls are only one part of the protection overall but I'd never turn them off, full stop - nor would I take anyone seriously who suggested doing it. Again, as David says - fix the rules that stop things connecting.
Adam Leinss

Tony - I don't fully disagree with what you said - we have 23K+ local workstations running Windows 10 and we disable the local firewall on all of them.  It is probably a good security practice to leave it enabled and just open the ports you need.  When I first read this question, I was reading this as a home computer setup.  I disable the local firewall on several of my home computers because I have file sharing setup and I'm behind a Netgear router with NAT which acts as a pseudo firewall for incoming connections.

David pretty much said what I was thinking of saying...it's not really a technical issue at this point, but a practical one.  If Symantec is unable or unwilling to fix the issue, you should return it for a full refund and get something else, either staying with the built-in OS functionality or getting something like ESET for protection.
Jason Johanknecht

ASKER
It is not a residential computer.  Small business with only 3 computers in total.  1 of those is a spare and rarely used.
Norton is supposed to call again Tuesday morning, but after failing to do so all of last week... I am not holding my breadth.

The big question is why it reports blocking SMBv1 when all computers have been confirmed (In Power shell) to have SMBv1 disabled.  Even worse is the part about blocking IMAP and SMTP once the problem starts.  

NEW INFO:  GoDaddy e-mail is failing from time to time randomly even with the firewall disabled.  I don't have any other users on GoDaddy workspace e-mail any more.  The online difference between 40 other small business setups using Norton 360 and Windows 10 for file sharing, is workspace e-mail and Outlook 2022.  I continue to check for daily the Windows / Office / Driver updates and install them.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Jason Johanknecht

ASKER
Norton has yet to call back, and attempts to call them leave with... "Level 2 will call you in 24 hours or less"   They even schedule a time they are supposed to call.  I was on the client site for 2 hours waiting for that call on Tuesday.  I installed the latest Office 2021 updates, and reboot computer.  Enabled the Norton 360 firewall and everything is still working today.  Also archived 700MB of e-mail, as they were at about 2.2GB file size in Outlook.  Wondering if the e-mail problem doesn't cause the Norton firewall issue.  

Jason Johanknecht

ASKER
Still now word from Norton.  But on the bright side, after getting the Outlook file size below 2GB appears to have fixed the issue.  It hasn't returned in a week, and it wouldn't go 3 days complete since it was brand new.  I have begun installing Office 2021 for several users and will keep a close eye on those to see if 2GB is a MS or GoDaddy problem.  I will close this if 2 weeks pass and still no issue.  Otherwise I will add to the thread.
Jason Johanknecht

ASKER
Spoke too soon.  Tuesday everything went back to broken.  They can disable firewall, and enable... Then everything works again for a few hours.  Norton still has not called from Level 2 support.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Jason Johanknecht

ASKER
So i double checked all 3 computers for SMBv1, and the old rarely used computer still has it enabled!  I have disabled and restarted.  Verified it is no longer, and expect things to be good.
ASKER CERTIFIED SOLUTION
Jason Johanknecht

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question