
Unblock by IP address in Firewall.

Hopefully an easy one for you pros. I'm a newb just learning ENS and want to put an exclusion on the clients to allow traffic from one server (SCCM box).

I can't really figure out how to do this on the ePO server in the rules section.

Any tips or pointers, please?

Thanks

 

6 Replies
McAfee Employee
Message 2 of 7

Re: Unblock by IP address in Firewall.

Our product guide covers this on pg. 137: https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26799/en_US/...

but short answer:

  1. Go into ePO
  2. Go into Policy Catalog
  3. Select Endpoint Security Firewall under Product at the top
  4. Select/create your Firewall Rules policy
  5. Create/add a rule:

     • Name: Whatever you want
     • Status: Enable
     • Action: Allow
     • Direction: Either or In (depending on whether you want to allow return or out or not)
     • Notes: N/A
     • Network Protocol: Select your protocol (Any, IPv4 or IPv6)
     • Connection type: Keep all three selected unless you want to control wireless/wired connections only
     • Specify networks: This is where you need to specify what IP address is allowed. Is it internal or external? (Example: 192 would be internal, 66.xxx is external network.)
     • Transport: All protocols

Then click Save.

Then on the Firewall Rules list, make sure your rule is above anything that is set to block (firewall rules work top down on the list).

Let me know if you have questions or please send me screenshots.

 

 

 

McAfee Support

Benjamin Ellis

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

McAfee Employee
Message 3 of 7

Re: Unblock by IP address in Firewall.

That shows how to do it on the Client - here's how to do it in ePO:

https://docs.mcafee.com/bundle/endpoint-security-10.5.0-client-firewall-product-guide-epolicy-orches...

Hope this helps!



McAfee Employee
Message 4 of 7

Re: Unblock by IP address in Firewall.

Additionally, if you edit the ENS Firewall Options policy and add it as a Trusted IP address in the Defined Networks section, the Firewall will allow all traffic to/from that IP address without the need for a specific firewall rule (e.g., an implicit trust for that IP address).  

If you're wanting to allow only certain traffic to/from that IP address, then use a Firewall rule as Ben mentioned above.

 

2018-07-27 11_18_41-ePolicy Orchestrator 5.3.3.jpg
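
A small model of the two options described in this thread (an allow rule placed above the block rules, and a trusted network), added here as an illustration; it is not McAfee's code or the ENS rule engine. The rule fields, the block-when-nothing-matches fallback and the address 192.168.10.20 are assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    name: str
    action: str      # "allow" or "block"
    direction: str   # "in", "out" or "either"
    network: str     # address or CIDR; "any" matches every remote address

def _net(text):
    return ipaddress.ip_network(text, strict=False)

def matches(rule, remote_ip, direction):
    if rule.direction not in ("either", direction):
        return False
    return rule.network == "any" or ipaddress.ip_address(remote_ip) in _net(rule.network)

def evaluate(rules, remote_ip, direction, trusted=()):
    """First matching rule wins; trusted networks are allowed without any rule."""
    if any(ipaddress.ip_address(remote_ip) in _net(t) for t in trusted):
        return "allow", "trusted network"
    for rule in rules:
        if matches(rule, remote_ip, direction):
            return rule.action, rule.name
    return "block", "no match"   # assumption: unmatched traffic is blocked

def covers(block, allow):
    """True if every packet the allow rule could match hits `block` first."""
    if block.direction not in ("either", allow.direction):
        return False
    if "any" in (block.network, allow.network):
        return block.network == "any"
    b, a = _net(block.network), _net(allow.network)
    return b.version == a.version and a.subnet_of(b)

def shadowed_allows(rules):
    """(allow rule, earlier block rule) pairs where the allow can never fire."""
    found = []
    for i, rule in enumerate(rules):
        if rule.action == "allow":
            hit = next((e for e in rules[:i] if e.action == "block" and covers(e, rule)), None)
            if hit:
                found.append((rule.name, hit.name))
    return found

SCCM = "192.168.10.20"   # constructed address standing in for the SCCM server
BLOCK_IN = Rule("Block all inbound", "block", "in", "any")
ALLOW_SCCM = Rule("Allow SCCM", "allow", "in", SCCM)
```

`shadowed_allows([BLOCK_IN, ALLOW_SCCM])` reports the allow rule as unreachable, while `[ALLOW_SCCM, BLOCK_IN]` lets the server through and still blocks its neighbours; passing `trusted=[SCCM]` allows the address regardless of rule order, which is why the trusted entry is the broader of the two grants.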

McAfee Employee
Message 5 of 7

Re: Unblock by IP address in Firewall.

Which one was useless? The steps I gave you were directly from the Firewall policy in ePO.

Did it not work for you? Did you make sure your rule was at the top of the list?

McAfee Support

Benjamin Ellis


McAfee Employee
Message 6 of 7

Re: Unblock by IP address in Firewall.

Can you show us how your rule is set up? Is it at the top of the list?

McAfee Support

Benjamin Ellis



Re: Unblock by IP address in Firewall.

Hi there, can someone please help with unblocking our Cisco AnyConnect VPN? We're having an issue at the moment, as most of the users are working remotely, which requires the VPN to access our network. The problem is when a laptop gets quarantined (IPv6 blocking, then All IP blocking, is the sequence of the firewall rules). When the infected users get those blocking policies via automatic response, we can no longer bring their machines out of quarantine: the blocking policy stays the same because the VPN is not reconnecting, which results in the McAfee Agent failing to communicate with the ePO server. Any suggestions would be a great help!
