blazej44800 0 Posted January 23, 2015 Share Posted January 23, 2015 Hello I'm using ESET Endpoint Security 5 on Windows 8.1. Firewall is setted up in interactive mode and I'm really strict with this. I'm blocking all not needed comunications including from system processes (explorer.exe, services.exe, lsass.exe etc.). But it seems that firewall is blocking DHCP requests, because when I connect to network I'm not getting IP adress and network state is Limit (restriced) access only. When I turn off firewall and use ipconfig /renew I will get the IP adress normally. I'm attaching screenshot of rules, but I don't know how to export full lines. Which rules should I focus on? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,709 Posted January 24, 2015 Administrators Share Posted January 24, 2015 Carry on as follows: - enable logging of blocked communication as well as advanced logging to pcap in the IDS setup -> Troubleshooting - clear your firewall log - restart the computer - reproduce the issue - disable logging - collect logs using ESET Log Collector (ELC) - send me a pm with ELC logs and pcapng file from the folder "C:\ProgramData\ESET\ESET Endpoint Security\Diagnostics" attached. Link to comment Share on other sites More sharing options...
blazej44800 0 Posted January 24, 2015 Author Share Posted January 24, 2015 Hi It looks to be solved according to your instructions: - I enabled IDS -> Troubleshooting - in firewall log was message "No process listening on port 67-68" - and yes, I added denied rule for all TCP & UDP traffic for svchost.exe, but above was default ESET rule for allowing DHCP&DHCPv6 for svchost.exe - but it seems to be not working - so I add new rule for allowing UDP for 67,68,53 and 123 already - now after restarting everything is working very well Thanks for your support! Link to comment Share on other sites More sharing options...
Recommended Posts