Jump to content

ESET Endpoint Security 5: Firewall blocking DHCP requests


blazej44800
 Share

Recommended Posts

Hello

 

I'm using ESET Endpoint Security 5 on Windows 8.1. Firewall is setted up in interactive mode and I'm really strict with this. I'm blocking all not needed comunications including from system processes (explorer.exe, services.exe, lsass.exe etc.).

 

But it seems that firewall is blocking DHCP requests, because when I connect to network I'm not getting IP adress and network state is Limit (restriced) access only. When I turn off firewall and use ipconfig /renew I will get the IP adress normally. 

 

I'm attaching screenshot of rules, but I don't know how to export full lines. Which rules should I focus on?

post-6268-0-77071000-1422020514_thumb.png

Link to comment
Share on other sites

  • Administrators

Carry on as follows:

- enable logging of blocked communication as well as advanced logging to pcap in the IDS setup -> Troubleshooting

- clear your firewall log

- restart the computer

- reproduce the issue

- disable logging

- collect logs using ESET Log Collector (ELC)

- send me a pm with ELC logs and pcapng file from the folder "C:\ProgramData\ESET\ESET Endpoint Security\Diagnostics" attached.

Link to comment
Share on other sites

Hi

 

It looks to be solved according to your instructions:

- I enabled IDS -> Troubleshooting

- in firewall log was message "No process listening on port 67-68"

- and yes, I added denied rule for all TCP & UDP traffic for svchost.exe, but above was default ESET rule for allowing DHCP&DHCPv6 for svchost.exe

- but it seems to be not working

- so I add new rule for allowing UDP for 67,68,53 and 123 already

- now after restarting everything is working very well

 

Thanks for your support!

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...