Monday, June 19, 2017

Manually enabling network file and printer browsing for unmanaged Symantec Endpoint Protection 11.0 clients.

Situation

How can network file and printer browsing be enabled for unmanaged Symantec Endpoint Protection 11.0 clients?

Symptoms
Unmanaged Symantec Endpoint Protection 11.0 client cannot access shared network folders.
  • Network threat protection is installed and enabled.

Cause

The ports required to browse shared network folders are blocked.

Solution

NOTE: There are predefined firewall rules for Microsoft Windows file sharing that can be enabled on an unmanaged Symantec Endpoint Protection 11.0 client. For instructions on enabling those rules, please see the following document:

"Unmanaged Symantec Endpoint Protection 11.0 clients cannot access shared network folders" at the following URL:
http://www.symantec.com/docs/TECH102490


If the firewall rules need to be created manually, please follow the steps below.
Creating a rule to allow network file and printer browsing
  1. Open the "Symantec Endpoint Protection client interface."
  2. Click Options beside "Network Threat Protection". This will open a menu.
  3. Click Configure Firewall Rules... in the menu. This will open the "Configure Firewall Rules..." page.
  4. Click Add.... This will open the "Add Firewall Rule" page.
  5. On the "General" tab, name the rule. In the "Action" section, click Allow this traffic.
  6. On the "Ports and Protocols" tab, select TCP from the "Protocol" menu.
  7. In the "Remote ports:" box, type 88,135,139,445
  8. Click OK
  9. Click the Add... This will open the "Add Firewall Rule" page.
  10. On the "General" tab, name the rule. In the "Action" section, click Allow this traffic.
  11. On the "Ports and Protocols" tab, select UDP from the "Protocol" menu.
  12. In the "Remote ports:" box, type 88.
  13. In the "Local ports" box, type 137,138
  14. Click OK.
  15. Confirm that both of the new rules are enabled (have a check mark beside them).


If the server sharing the folders is also an unmanaged SEP 11 client, please follow the steps below on that client:
Creating a rule to allow network file and printer sharing
  1. Open the "Symantec Endpoint Protection client interface."
  2. Click the Options beside "Network Threat Protection". This will open a menu.
  3. Click Configure Firewall Rules... in the menu. This will open the "Configure Firewall Rules..." page.
  4. Click Add. This will open the "Add Firewall Rule" page.
  5. On the "General" tab, name the rule. In the "Action" section, click Allow this traffic.
  6. On the "Ports and Protocols" tab, select TCP from the "Protocol" menu.
  7. In the "Local ports:" box, type 88,135,139,445
  8. Click OK.
  9. Click the Add. This will open the "Add Firewall Rule" page.
  10. On the "General" tab, name the rule. In the "Action" section, click Allow this traffic.
  11. On the "Ports and Protocols" tab, select UDP from the "Protocol" menu.
  12. In the "Local ports" box, type 88,137,138
  13. Click OK.
  14. Confirm that both of the new rules are enabled (have a check mark beside them).
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)