"Firewall is Malfunctioning" status with Symantec Endpoint Protection

book

Article ID: 158145

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection ( SEP ) 14.x installation is complete but it shows an issue with the Firewall module:

"Firewall is Malfunctioning"

Cleanwipe and a new installation do not fix the problem.

Binding the NIC by following the below procedure has no effect:

1. Open properties of NIC adapter.

2. Click Install and select 'Service' and then click 'Add'

3. Click 'Have Disk' and browse to "<Symantec install path>\14.x.xxxx.xxxx.xxx\Bin"

4. Based on the OS, select 'teefer.inf' file from following folder and install.

TeeferVista (winVista & win7)

TeeferWin8 (Win8 and above)

TeeferXP (winXP & win2003)

5. Reboot machine and check.

 

Teefer logs:

2013-06-24 12:14:14 sourceFolder: C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\TeeferVista
2013-06-24 12:14:14 teefer.inf: C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\TeeferVista\ teefer.inf
2013-06-24 12:14:21 Acquired write lock for 'Symantec Firewall'
2013-06-24 12:14:21 Release write lock for 'Symantec Firewall'
2013-06-24 12:14:21 Check the service database lock status.
2013-06-24 12:14:21 The service database is locked, lock acquired by ".\NT Service Control Manager" for 28s
2013-06-24 12:14:23 ERROR: Call to installNetComponent() failed: 0x8004a029
2013-06-24 12:14:23 Teefer install failed, trying once more in 5 seconds
2013-06-24 12:14:28 Found 'oem137.inf'
2013-06-24 12:14:28 Uninstalling 'oem137.inf'
2013-06-24 12:14:28 Acquired write lock for 'Symantec Firewall'
2013-06-24 12:14:28 Release write lock for 'Symantec Firewall'
2013-06-24 12:14:28 Check the service database lock status.
2013-06-24 12:14:28 The service database is locked, lock acquired by ".\NT Service Control Manager" for 35s
2013-06-24 12:14:29 ERROR: Call to installNetComponent() failed: 0x8004a029
2013-06-24 12:14:29 InstallFirewall failed second attempt: 0x8004a029

 

Cause

0x8004a029  is related to failure of installing a new network driver since there are too many. The maximum number of network drivers in Windows 7 is 14 ( it is hard coded ) and the default is 8.
The value is editable at the following path: 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\MaxNumFilters



 

Resolution

Edit the the default number of network drivers allowed in the registry.

From the Windows Start menu > Run > Regedit 
Change the number of maximum filter drivers by modifying the following registry DWORD value to 14:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\MaxNumFilters

 

Note: If you don't see MaxNumFilters DWORD, you can create it.  Windows 7 allows 8 filter drivers by default.  Windows 10 is unlimited, but if this operating system was upgraded from Windows 7, there is a chance this setting migrated.

 

 

 

 

Applies To

Windows 7 SP1

Symantec Endpoint Protection 14.x