Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Whats ports i need open?

Migration User

Migration UserFeb 06, 2014 03:06 AM

Open port 8014 bidirectionally and check.
Migration User

Migration UserFeb 06, 2014 03:19 AM

How i can test telnet from SEP to Client computer?
Migration User

Migration UserFeb 06, 2014 05:16 AM

Did you use CDW method or Push deployment method ?
Migration User

Migration UserFeb 06, 2014 05:18 AM

Push deployment method
Migration User

Migration UserFeb 06, 2014 10:07 PM

Glad to help you

  • 1.  Whats ports i need open?

    Posted Feb 05, 2014 06:27 AM

    Hi all. I have same problem.

    I need to install new clients but i need to know how ports need to opening.

    I trying do this link : http://www.symantec.com/business/support/index?page=content&id=TECH163787 

    but this not work. I try do this: 

    Client computers

    Symantec Endpoint Protection Manager

    TCP 139 and 445

    Ephemeral TCP ports

    Ephemeral TCP ports

    TCP 139 and 445

    UDP 137, 138

    UDP 137, 138

    but its not work too. 

    If i opened all port -work! 

    What can i do else???



  • 2.  RE: Whats ports i need open?

    Posted Feb 05, 2014 07:19 AM

    Do you have received any error ?

    What feature do you have use for installing sep client ?

    Steps to prepare computers to install Symantec Endpoint Protection 12.1.x client

     

     

    Article:TECH163112  |  Created: 2011-06-23  |  Updated: 2014-01-15  |  Article URL http://www.symantec.com/docs/TECH163112

     

    Upgrade clients to SEP 12.1 by Auto upgrade feature

     

    http://www.symantec.com/connect/articles/upgrade-clients-sep-121-auto-upgrade-feature

     

     

    How to install clients using "Client Deployment Wizard" in the Symantec Endpoint Protection Manager 12.1

    Article:TECH164308  |  Created: 2011-07-11  |  Updated: 2011-10-25  |  Article URL http://www.symantec.com/docs/TECH164308

    Overview of the Push Deployment Wizard in Symantec Endpoint Protection 12.1.x

     

    Article:TECH183172  |  Created: 2012-03-07  |  Updated: 2013-09-24  |  Article URL http://www.symantec.com/docs/TECH183172

     



  • 3.  RE: Whats ports i need open?

    Posted Feb 05, 2014 08:15 AM

    Please check the below article for the best ans.

    http://www.symantec.com/business/support/index?page=content&id=TECH163787

    https://www-secure.symantec.com/connect/forums/sep-port-clarification

    https://www-secure.symantec.com/connect/forums/required-port



  • 4.  RE: Whats ports i need open?

    Posted Feb 05, 2014 08:25 AM

    Are you talking about just client/server communication? If so, they talk over port 8014



  • 5.  RE: Whats ports i need open?

    Posted Feb 05, 2014 11:01 PM

    The matter is that if I open ports which are specified in article, I don't see this server new in the SEP console. If I open all ports everything works.



  • 6.  RE: Whats ports i need open?

    Posted Feb 05, 2014 11:03 PM

    permit tcp host 192.168.1.36 eq 8014 host 172.16.100.12

    permit tcp host 192.168.1.36 host 172.16.100.12 eq 8014



  • 7.  RE: Whats ports i need open?

    Posted Feb 05, 2014 11:04 PM

    What problem do you have ?Does sep client not showing in console?or new sep client not installed?



  • 8.  RE: Whats ports i need open?

    Posted Feb 05, 2014 11:09 PM

    You need to open bi-directional port 8014 for client to server and server to client for communication.



  • 9.  RE: Whats ports i need open?

    Posted Feb 06, 2014 01:02 AM

    Have you open the port 8014 in bi-direction?

    8014 port is require to open for client and server communication

    Symantec Endpoint Protection Manager 12.1 Communication Troubleshooting

    Article:TECH160964  |  Created: 2011-05-26  |  Updated: 2013-12-29  |  Article URL http://www.symantec.com/docs/TECH160964
     

     



  • 10.  RE: Whats ports i need open?

    Posted Feb 06, 2014 01:23 AM

    My network admin say  that do it and sended me it

    permit tcp host 192.168.1.36 eq 8014 host 172.16.100.12

    permit tcp host 192.168.1.36 host 172.16.100.12 eq 8014

    Is it that?



  • 11.  RE: Whats ports i need open?

    Posted Feb 06, 2014 01:35 AM

    Yes 172.16.100.12 is SEP server. I cant install client on 172.16.1.36 i dont see this computer in console SEP

    look ports 

    permit tcp host 192.168.1.36 host 172.16.100.12 eq 443
    permit tcp host 192.168.1.36 host 172.16.100.12 eq www
    permit tcp host 192.168.1.36 host 172.16.100.12 eq 445
    permit tcp host 192.168.1.36 host 172.16.100.12 eq 135
    permit tcp host 192.168.1.36 host 172.16.100.12 eq 139
    permit udp host 192.168.1.36 host 172.16.100.12 eq netbios-ns
    permit udp host 192.168.1.36 host 172.16.100.12 eq netbios-dgm
    permit tcp host 192.168.1.36 host 172.16.100.12 eq 8014
    permit tcp host 192.168.1.36 host 172.16.100.12 range 1024 5000
    permit tcp host 192.168.1.36 range 1024 5000 host 172.16.100.12
    permit tcp host 192.168.1.36 eq 443 host 172.16.100.12
    permit tcp host 192.168.1.36 eq www host 172.16.100.12
    permit tcp host 192.168.1.36 eq 445 host 172.16.100.12
    permit tcp host 192.168.1.36 eq 135 host 172.16.100.12
    permit tcp host 192.168.1.36 eq 139 host 172.16.100.12
    permit udp host 192.168.1.36 eq netbios-ns host 172.16.100.12
    permit udp host 192.168.1.36 eq netbios-dgm host 172.16.100.12
    permit tcp host 192.168.1.36 eq 8014 host 172.16.100.12
    permit tcp host 192.168.1.36 eq 1433 host 172.16.100.12
    permit tcp host 192.168.1.36 eq 1812 host 172.16.100.12
    permit tcp host 192.168.1.36 eq 2967 host 172.16.100.12
    permit tcp host 192.168.1.36 range 8005 8765 host 172.16.100.12
    permit tcp host 192.168.1.36 eq 9090 host 172.16.100.12
    permit tcp host 192.168.1.36 host 172.16.100.12 eq 1433
    permit tcp host 192.168.1.36 host 172.16.100.12 eq 1812
    permit tcp host 192.168.1.36 host 172.16.100.12 eq 2967
    permit tcp host 192.168.1.36 host 172.16.100.12 range 8005 8765
    permit tcp host 192.168.1.36 host 172.16.100.12 eq 9090
    permit udp host 192.168.1.36 host 172.16.100.12 eq 39999
    permit udp host 192.168.1.36 eq 39999 host 172.16.100.12
    permit udp host 192.168.1.36 eq 1812 host 172.16.100.12
    permit udp host 192.168.1.36 host 172.16.100.12 eq 1812
     
    what else need???


  • 12.  RE: Whats ports i need open?

    Posted Feb 06, 2014 01:36 AM

    Does 172.16.100.12 are your SEPM server ?

    You need to open both side ?Does sep client showing offline in sepm ?

    Are you able telnet port 8014 (Client to server and Server to client )?



  • 13.  RE: Whats ports i need open?

    Posted Feb 06, 2014 03:06 AM

    Open port 8014 bidirectionally and check.



  • 14.  RE: Whats ports i need open?

    Posted Feb 06, 2014 03:16 AM
    As we will check on the client if this port on the client
     doesn't obey by default


  • 15.  RE: Whats ports i need open?

    Posted Feb 06, 2014 03:19 AM

    How i can test telnet from SEP to Client computer?



  • 16.  RE: Whats ports i need open?

    Posted Feb 06, 2014 03:57 AM

    You need to SEP client system and open CMD.

    C:\>telent 172.16.100.12 8014



  • 17.  RE: Whats ports i need open?

    Posted Feb 06, 2014 05:00 AM

    You will laugh but in order that everything worked it is necessary that ping would be available

    ICMP open and thats work!!!!


  • 18.  RE: Whats ports i need open?

    Posted Feb 06, 2014 05:02 AM

    Can you please answer this query..

    Does all client showing offline in SEPM ?you need to install new sep client ?



  • 19.  RE: Whats ports i need open?

    Posted Feb 06, 2014 05:11 AM

    When I try to install the client of SEP speaks the computer isn't found

    need to install new sep client



  • 20.  RE: Whats ports i need open?

    Posted Feb 06, 2014 05:16 AM

    Did you use CDW method or Push deployment method ?



  • 21.  RE: Whats ports i need open?

    Posted Feb 06, 2014 05:18 AM

    Push deployment method 



  • 22.  RE: Whats ports i need open?
    Best Answer

    Posted Feb 06, 2014 05:27 AM

    See this articles

    What error do you have received when you find system ?

     

    Function

    Component

    Protocol and port

    Push deployment

    Management server and client

    TCP 139 and 445 on management servers and clients

    UDP 137 and 138 on management servers and clients

    TCP ephemeral ports on management servers and clients

    http://www.symantec.com/business/support/index?page=content&id=HOWTO81451

    http://www.symantec.com/connect/articles/overview-push-deployment-wizard-symantec-endpoint-protection-121



  • 23.  RE: Whats ports i need open?

    Posted Feb 06, 2014 10:06 PM

    TCP 139 and 445 on management servers and clients

    UDP 137 and 138 on management servers and clients

    TCP ephemeral ports on management servers and clients

    8014

    And else client host MUST to be able ICMP from server SEP)

    And after this open  we have WORK WORK WORK))))

    All Thanks, and especially to you James007



  • 24.  RE: Whats ports i need open?

    Posted Feb 06, 2014 10:07 PM

    Glad to help you wink



  • 25.  RE: Whats ports i need open?

    Posted Feb 11, 2014 09:56 PM
    I didn't want to open a new subject therefore I will ask here.
    On one of servers costs status offline.
     
    I sent Communircation package to this server, and i received: deployment status-ok, Communircation Update status -failure
    But sometimes the status becomes online, but updatings exactly don't take place everything


  • 26.  RE: Whats ports i need open?

    Posted Feb 11, 2014 10:05 PM

    enable sylink debugging to see what's going on

    How to enable Sylink debugging for the Symantec Endpoint Protection 11.x and 12.1 client in the Windows Registry



  • 27.  RE: Whats ports i need open?

    Posted Feb 11, 2014 11:43 PM

    Ok, i will try.

    May be you can tell me on my next question?

    I installed LUA on my new server, but when i try download UPDATES- i have: 

    Symantec LiveUpdate - HTTP Failover Server http://liveupdate.symantec.com:80/ Unreachable Never
    Symantec LiveUpdate http://liveupdate.symantecliveupdate.com:80/ Unreachable 

     



  • 28.  RE: Whats ports i need open?

    Posted Feb 11, 2014 11:47 PM

    Hi Cloom@Live.ru,

     

    If you don't mind can you raised different thread for better supports



  • 29.  RE: Whats ports i need open?

    Posted Feb 12, 2014 12:04 AM

    You can open below ports

    URLs

    hosts/0/url=http://liveupdate.symantecliveupdate.com:80
    hosts/1/url=http://liveupdate.symantec.com:80
    hosts/2/url=ftp://update.symantec.com/opt/content/onramp

    How to determine whether your firewall is blocking LiveUpdate

     

    Article:TECH139451 | Created: 2010-09-09 | Updated: 2011-08-26 | Article URL http://www.symantec.com/docs/TECH139451

     



  • 30.  RE: Whats ports i need open?

    Posted Feb 12, 2014 12:20 AM

    Hi James007. Ok.

    https://www-secure.symantec.com/connect/forums/symantec-liveupdate-http-failover-server



  • 31.  RE: Whats ports i need open?

    Posted Feb 12, 2014 12:56 AM

    I find problem- 80 port was is close to http://liveupdate.symantecliveupdate.com

     

    Thanks agane for you James007



  • 32.  RE: Whats ports i need open?

    Posted Feb 12, 2014 01:01 AM

    Glad to help you please update your another thread.