Consider the need for a local loopback firewall rule when upgrading Host IPS 8.0 to patch 2
When upgrading to Host IPS 8.0 Patch 2, check to ensure you have a local loopback firewall rule in place on systems which may need it. Communication through or monitoring of the local loopback adapter is used by many client VPN's and other client applications. Host IPS 8.0 patch 2 has faster loading of the run-time firewall rules, and as a result, some network connection problems could occur on systems which may require a properly configured loopback firewall rule.
When fireSvc.exe starts, a boot-time firewall rule set allowing loopback is enforced until run-time policy is loaded. On Patch 1 systems, the run-time policy load took slightly longer to load after firesvc.exe started. Hence, many vpn clients requiring communication through loopback did not have issues connecting to VPN access points. On patch 2, the run-time firewall rules policy loads faster, and could cause connection failures on some VPN clients if a required loopback firewall rule is not configured properly in the run-time rules policy. Refer to KB71230.