cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

ENS firewall blocking application

Jump to solution

ENS FW is blocking an application. Based on the event attached, I created a rule that allows all inbound TCP traffic and then added "IP1" as the local network. This is not working. Is this how I was supposed to configure it?

1 Solution

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 10

Re: ENS firewall blocking application

Jump to solution

Hi @rbenson09 

The adaptive rules would be found on the local console - same location as has already been mentioned by my colleagues. A group called "adaptive" can be seen. Or if you want to check via ePO you can navigate to the reporting section and look at "Firewall Client Rules".

See here for more details: https://docs.mcafee.com/bundle/endpoint-security-10.5.0-firewall-product-guide-epolicy-orchestrator-...

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

View solution in original post

9 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 10

Re: ENS firewall blocking application

Jump to solution

Hi @rbenson09,

Thank you for your post. I am afraid the rule may be flawed at the local Networks part. Can you try leaving the "Specify networks" part empty and check if that works (not a solution, just an attempt to isolate the problem here) ?

This will tell us if the network information is what requires a change here.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 10

Re: ENS firewall blocking application

Jump to solution

Hi @rbenson09,

Also, If you do not mind me asking, may I know if you have tried Adaptive mode and checked the automatic rules generated to see which rule or set of adaptive rules would help you keep this traffic allowed? Comes real handy at situations like this 🙂

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
Highlighted

Re: ENS firewall blocking application

Jump to solution

i put it in adaptive mode. where would i check to find automatically generated rules?

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 10

Re: ENS firewall blocking application

Jump to solution

Hi @rbenson09 

The adaptive rules would be found on the local console - same location as has already been mentioned by my colleagues. A group called "adaptive" can be seen. Or if you want to check via ePO you can navigate to the reporting section and look at "Firewall Client Rules".

See here for more details: https://docs.mcafee.com/bundle/endpoint-security-10.5.0-firewall-product-guide-epolicy-orchestrator-...

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

View solution in original post

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 10

Re: ENS firewall blocking application

Jump to solution

Have you checked in the client console if the firewall rule has been received from ePO server?

Highlighted

Re: ENS firewall blocking application

Jump to solution

where do you check that?

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 10

Re: ENS firewall blocking application

Jump to solution

Hi @rbenson09,

Thank you for your response. To verify the rules in the client UI:

  • Please locate and right-click on the McAfee Tray icon and select Endpoint Security.
  • Please click on Firewall on the user Interface. if this is not clickable, then please click on the downward arrow on the right side top of the console an select Settings.
  • If settings is not enabled, please click on the Administrator Logon, punch i the password to unlock the console and then select settings again.
  • Now please click on the "Show Advanced" button on the right side top of the settings page after selecting Firewall tab on the left.
  • On the left Tab, you should see an option that says Rules under Firewall. Please click on this to compare and confirm if the rules are actually present here.

I have attached a Screen grab for your kind reference. I sincerely hope this helps!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 9 of 10

Re: ENS firewall blocking application

Jump to solution

Hello @rbenson09 


Solely based on your screenshots, the rule seems to be configured properly.

However, are you absolutely sure that the application doesn't work because of this block?

You may find detailed troubleshooting procedure under this link:

*** How to troubleshoot an application or network traffic when using Endpoint Security Firewall
https://kc.mcafee.com/corporate/index?page=content&id=KB90662

Please let us know results.


Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 10 of 10

Re: ENS firewall blocking application

Jump to solution

Hi @rbenson09,

Thank you for keeping us posted. Did you get any chance to isolate which part of the rule was causing the issue?

Also, What is the functional impact here? Do we have a Service Request on this one for me to look at? We can assist you over a remote session in few minutes to identify the issue precisely and possibly resolve as well.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community