search cancel

Client computers are unable to receive addresses through DHCP after installing Symantec Endpoint Protection

book

Article ID: 151311

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You install Symantec Endpoint Protection on the DHCP server, then find that client computers are unable to obtain IP addresses through DHCP.

 

Cause

This can happen if Symantec Endpoint Protection is installed on the DHCP server with Network Threat Protection, and is not configured to allow the DHCP service.

Resolution

 

Do one of the following:
 
  • Disable Network Threat Protection on the DHCP Server.
  • Create a rule to allow DHCP communication.

To create a rule to allow DHCP communication in versions prior to 12.1 RU1
  1. In Symantec Endpoint Protection Manager, click Policies.
  2. Under View Policies, click Firewall.
  3. Right-click the firewall policy listed on the right and click Edit.
  4. Click Rules, and then click Add Rule.
  5. Click Next.
  6. Click Network Service, and then click Next.
  7. Check DHCP Server, and then click Finish.
  8. Rename the rule if necessary, and then click OK.
  9. Right-click the policy, and then click Assign.
  10. Select the appropriate groups and click Assign.
  11. Click Yes.
To create a rule to allow DHCP communication in version 12.1 RU1 or later
  1. In Symantec Endpoint Protection Manager, click Policies.
  2. Under View Policies, click Firewall.
  3. Right-click the firewall policy listed on the right and click Edit.
  4. Click Rules, and then click Add Rule.
  5. Name the Rule appropriately IE:  Allow DHCP
  6. Click Next, Next, Next, Next
  7. Choose the option for Only the communications selected below:
  8. Check DHCP Server, and then click Next.
  9. Click Finish. Then OK.
  10. Right-click the policy, and then click Assign.
  11. Select the appropriate groups and click Assign.
  12. Click Yes.