- My customer, who is using Total Protection Service, has 2 problems:
+ On server 04: the clients can't communicate with the server, which has McAfee with the firewall; when they removed the firewall, it was OK.
+ On server01, it is blocking the internet, so they have to block the firewall because McAfee needs internet to update products.
- Has anyone here had this issue before, and how can it be fixed? Thanks for your ideas!
You have to make rules on the firewall to pass your traffic.
You can take an audit to see what it is blocking:
$> acat -ake "type t_netprobe or event AUDIT_R_ACLDENY"
Then try your traffic. The audit will be written to your screen.
If you get a netprobe, this means you do not have a service listening in a rule to pass this traffic (you don't have a rule for this traffic).
If you get an ACL Deny, this means you DO have a rule with this service, but the traffic does not match the rule (some part of the rule besides the service, like source/dest. endpoints or even the Application Defenses, does not match).