Endpoint Protection

 View Only

  • 1.  Unlock logs to mobile modems Internet

    Posted Jan 24, 2013 04:34 PM

     

    Hi my name is Xavier Lombeida and work in Ecuador BDO, work with the product Symantec Endpoint Protection (antivirus), and my problem is that it acquired mobile Internet modems (with the company clear, teams are Huawei E303 and work perfectly with Windows XP, but Windows 7 does not connect the mobile Internet, to disconnect the Firewall (Symantec Endpoint Protection also disconnected), the modem works, but that the company need not be left unprotected and without antivirus teams, there is a solution in console settings Symantec Endpoint Protection product?, to create a rule or policy logs to unlock mobile devices.
     
    Thanks for your attention
     


  • 2.  RE: Unlock logs to mobile modems Internet

    Posted Jan 24, 2013 04:38 PM
    It sounds like you need to add a rule to the firewall. What's showing in your traffic logs?


  • 3.  RE: Unlock logs to mobile modems Internet

    Posted Jan 24, 2013 05:11 PM

    This is a known issue - the default rule "block all other traffic" will block the mobile 3g connections on many of the USB network adapters. You can try allowing the rule or creating an exclusion for Ethernet traffic for this adapter - fix should come with next SEP 12.1 release.



  • 4.  RE: Unlock logs to mobile modems Internet

    Posted Jan 25, 2013 08:54 AM

    Yes Brian81 i need to create a rule of Firewall, please someone can show me a guide to create a rule in the Symantec Endpoint Protection?

     

     



  • 5.  RE: Unlock logs to mobile modems Internet

    Posted Jan 25, 2013 09:54 AM

    Have a look at this

    Adding a new firewall rule

    Article:HOWTO81156  |  Created: 2012-10-24  |  Updated: 2013-01-25  |  Article URL http://www.symantec.com/docs/HOWTO81156

     



  • 6.  RE: Unlock logs to mobile modems Internet

    Posted Jan 25, 2013 01:50 PM
    Creating an allow application rule in a Symantec Endpoint Protection Manager (SEPM) firewall policy http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008033106285348 How to add a rule using the"Add Firewall Rule Wizard" http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008060208101648 Symantec Endpoint Protection Manager - Firewall - Policies explained http://www.symantec.com/business/support/index?page=content&id=TECH104433&locale=en_US


  • 7.  RE: Unlock logs to mobile modems Internet

    Posted Jan 29, 2013 04:50 AM
    Have you try the attach link?


  • 8.  RE: Unlock logs to mobile modems Internet

    Posted Apr 24, 2013 02:17 AM

    For those following this thread:

    12.1 RU2 MP1 introduces the fix for this issue:

    New fixes and features in Symantec Endpoint Protection 12.1 Release Update 2 Maintenance Pack 1

    Article:TECH204685  |  Created: 2013-04-03  |  Updated: 2013-04-12  |  Article URL http://www.symantec.com/docs/TECH204685
     
    Systems are unable to connect to the network using 3G USB cards after installing Symantec Endpoint Protection firewall
    Fix ID: 2949361
    Symptom: Certain USB 3G cards require the configuration of extensive protocols to allow network traffic to pass through the firewall.
    Solution: Updated Teefer to allow for traffic missing certain header components to be processed.

     



  • 9.  RE: Unlock logs to mobile modems Internet

    Posted Jun 04, 2013 12:47 AM
      |   view attached

    Hi,

        I'm having the same problem. We have a fleet of Dell Xt2 Tablet/laptops which run on internal 3g modems. We're creating a new image for them and have installed EPP12.1 with the latest updates. Since the install the new version the internet get blocked by the firewall as soon as an upload is detected. For example. Start the machine up. Download anything - fine. Go to www.speedtest.net and perform a speed test. Download works fine. Then when it runs the upload the browser stops. Then the internet is blocked and stops working. The only way to fix turn off the firewall and restart. When the firewall is off the internet works fine. Turn it on and it stops again.

    I run the client in debug mode. Here is what the log has (just a snippet)

    Any help would be great....

    2013/06/04 13:01:05.451 [3124:3712] CWscFwHandler: update status time out-2147483638
    2013/06/04 13:01:06.481 [3124:3712] CWscFwHandler: update status time out-2147483638
    2013/06/04 13:01:07.510 [3124:3712] CWscFwHandler: update status time out-2147483638
    2013/06/04 13:01:07.573 [3124:4648] TSE3080: *********DROP PACKET**********
    2013/06/04 13:01:07.573 [3124:4648] TSE: SecurityRule = Block_all
    2013/06/04 13:01:07.573 [3124:4648] TSE3082: *** DROP PACKET ***
    2013/06/04 13:01:07.573 [3124:4648] ======== TsPacket ====== BA: 0 == protocol: 2 ===
    === EtherII Packet=== len:143==== nic:0=====
    11-01-fe-80-00-00  ---> 60-00-00-00-00-67 , protocol = 0x0

    2013/06/04 13:01:08.540 [3124:3712] CWscFwHandler: update status time out-2147483638
    2013/06/04 13:01:08.711 [3124:4648] TSE3080: *********DROP PACKET**********
    2013/06/04 13:01:08.711 [3124:4648] TSE: SecurityRule = Block_all
    2013/06/04 13:01:08.711 [3124:4648] TSE3082: *** DROP PACKET ***
    2013/06/04 13:01:08.711 [3124:4648] ======== TsPacket ====== BA: 0 == protocol: 2 ===
    === EtherII Packet=== len:64==== nic:0=====
    3a-ff-fe-80-00-00  ---> 60-00-00-00-00-18 , protocol = 0x0

    2013/06/04 13:01:09.569 [3124:3712] CWscFwHandler: update status time out-2147483638
    2013/06/04 13:01:10.599 [3124:3712] CWscFwHandler: update status time out-2147483638
    2013/06/04 13:01:11.629 [3124:3712] CWscFwHandler: update status time out-2147483638
    2013/06/04 13:01:12.658 [3124:3712] CWscFwHandler: update status time out-2147483638
    2013/06/04 13:01:13.678 [3124:3712] CWscFwHandler: update status time out-2147483638
    2013/06/04 13:01:14.695 [3124:3712] CWscFwHandler: update status time out-2147483638

     

     

    Attachment(s)

    txt
    debug_14.txt   121 KB 1 version


  • 10.  RE: Unlock logs to mobile modems Internet

    Posted Jun 04, 2013 03:35 AM

    Hi, 

    Try to upgrade one machine to 12.1 RU2 MP1 and test .

    Regards

    Ajin