This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Default Firewall Policy Preventing my clients from updating

Hey All,

I have a slightly complex network and I beleive its causing some trouble for me.

This happens when I install Endpoint 10 + Firewall to a new computer from the network share. Everything installs fine, but when the install is done and Sophos is loaded the default firewall settings prevent the client from updating since the firewall blocks the update server.

To get around this I simply disable the sophos firewall after I install and then tell the client to update, it updates and gets the correct policies (including the firewall policy that lets it update)

So I guess my question is, how to I set the install package policy to allow access through the firewall to my update server.

Thanks,

Tyler

This thread was automatically locked due to age.

0 QC over 13 years ago

Hello Tyler,
each Sophos component comes with a file called scf.dat (see here for AutoUpdate, right before Significant registry keys) which tells SCF to trust the necessary programs/processes. Thus no extra rule should be needed. Are there corresponding entries in the log and what are the reasons that AutoUpdate is blocked?
After an install including SCF a reboot is required though - if it doesn't work without creating a custom policy after a reboot you should contact Support..
Christian
:27179
Cancel
Vote Up 0 Vote Down

Cancel
0 jak over 13 years ago

Hi,
Is it name lookups, i.e. the client trying to resolve the SEC server? As Christian says, what traffic is being blocked?
If so, you could try deploying as a test with an IP address in the updating policy, does it work?
I assume you're running setup.exe from the CID? And the machine has AutoUpdate, RMS, SAV as well as part of this?
Regards,
Jak
:27183
Cancel
Vote Up 0 Vote Down

Cancel