cancel
Showing results for 
Search instead for 
Did you mean: 
kenobe
Level 10
Report Inappropriate Content
Message 1 of 5

HIPS 8 and EAPOL

Jump to solution

Hi all, I am trying to deploy HIPS 8 to my workstation and get an error in the HIPS 8 log saying it blocked EAPOL, then it blocks all traffic on me.  I have to disable all HIPS functions in order to continue.  I tried creating an exception in the firewall for that bizarre protocol but so far no joy.  Screen shot attached.  Any suggestions?

Thanks, Ken

1 Solution

Accepted Solutions
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: HIPS 8 and EAPOL

Jump to solution

1. Edit therule and disable the SCHEDULE option.  The schedule option should only be used if you want the rule active/inactive during certain times/days.

2. Verify the rule is ENABLED too.

4 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: HIPS 8 and EAPOL

Jump to solution

Create a firewall rule with the Network protocol set to Non-IP Protocol -> Select etherType from the list -> EAPOL.

kenobe
Level 10
Report Inappropriate Content
Message 3 of 5

Re: HIPS 8 and EAPOL

Jump to solution

Hi Kary, I did make that exception but I'm still getting blocked.  Firewall rule screen shot shows it's there but not checked:

firewall rules.JPG

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: HIPS 8 and EAPOL

Jump to solution

1. Edit therule and disable the SCHEDULE option.  The schedule option should only be used if you want the rule active/inactive during certain times/days.

2. Verify the rule is ENABLED too.

kenobe
Level 10
Report Inappropriate Content
Message 5 of 5

Re: HIPS 8 and EAPOL

Jump to solution

Ah yes, unchecking the schedule finally made it active in the ruleset.  Wierd, I guess the logic on the schedule is not what I thought it was.

Thanks!

Ken