Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
787 Views 5 Replies Latest reply: Sep 20, 2013 3:26 PM by Leonardo Dias RSS
Leonardo Dias Newcomer 11 posts since
Nov 11, 2012
Currently Being Moderated

Sep 12, 2013 1:17 PM

Connection Isolation matching error

Hi friends,

 

 

     I've configured a CAG (Connetion Aware Group) on HIPS Catalog and put some rules within it. In the configuration I've configured Description, Location and Network Options tabs in Firewall Group Builder, but it's not working.

 

 

I got this output on the FireSvc.log on the client which is a workstation running Windows 7. See the output piece below:

 

 

I'm running ePO 4.6 and HIPS 8.0.

 

 

Anyone knows how can I solve it?

 

 

*********************************************************************

**************** Calculate Effective Location Policy ****************

 

 

****** Adapter Info

Adapter #1

  IPV4 interface index = 11

  IPV6 interface index = 11

  Physical Address = 00-0c-29-2d-7a-86

  Physical medium = FW_PHYSICAL_MEDIUM_WIRED

  DNS suffix #1 =

  IP address #1 = FE80:0000:0000:0000:9C2A:A07C:7AC3:4045

  IP address #2 = 192.168.0.171

  Gateway address #1 = 192.168.0.174

  DHCP enabled = false

  No DHCP server addresses

  Has WINS = false

  No Primary WINS server addresses

  No Secondary WINS server addresses

  DNS server address #1 = 192.168.0.170

  DNS server address #2 = 8.8.8.8

 

 

Adapter #2

  IPV4 interface index = 1

  IPV6 interface index = 1

  Physical Address = 00-00-00-00-00-00

  Physical medium = FW_PHYSICAL_MEDIUM_WIRED

  DNS suffix #1 =

  IP address #1 = 0000:0000:0000:0000:0000:0000:0000:0001

  IP address #2 = 127.0.0.1

  No Gateway addresses

  DHCP enabled = false

  No DHCP server addresses

  Has WINS = false

  No Primary WINS server addresses

  No Secondary WINS server addresses

  DNS server address #1 = FEC0:0000:0000:FFFF:0000:0000:0000:0001

  DNS server address #2 = FEC0:0000:0000:FFFF:0000:0000:0000:0002

  DNS server address #3 = FEC0:0000:0000:FFFF:0000:0000:0000:0003

 

 

****** Location Info

Group "Isolation"

  Client id = 38d53aaa-356d-449d-a087-0f29fd89a971

  Requires home network = true

  Hot drop if not match = true

  Is ipv4 = true

  Is ipv6 = true

  Registry key =

  Physical medium = FW_PHYSICAL_MEDIUM_WIRED

  DNS suffix = security.lab

  Gateway = 192.168.0.174

  DNS server = 8.8.8.8

  DNS server = 192.168.0.170

 

 

 

 

****** Currently Active Locations

None of the cags matched the adapters.

 

 

**************** End of Effective Location Policy *******************

*********************************************************************

  • greatscott Champion 288 posts since
    Jul 18, 2011
    Currently Being Moderated
    1. Sep 12, 2013 3:27 PM (in response to Leonardo Dias)
    Re: Connection Isolation matching error

    What are you trying to do? What is it not doing that you want it to do?

     

    Can you screenshot the firewall policy and the details of the group from within ePO? Can you also provide an ipconfig /all output from the system? Do you have IPv6 services enabled?

  • greatscott Champion 288 posts since
    Jul 18, 2011
    Currently Being Moderated
    3. Sep 16, 2013 10:38 AM (in response to Leonardo Dias)
    Re: Connection Isolation matching error

    Ok, so packets from NIC 2 are being permitted? Are you in regular protection mode for the firewall, and not in any adaptive or learn modes?

  • Kary Tankink McAfee Employee 659 posts since
    Mar 3, 2010
    Currently Being Moderated
    4. Sep 16, 2013 12:17 PM (in response to Leonardo Dias)
    Re: Connection Isolation matching error

    Your system does not have the correct Connection-specific DNS suffix (security.lab).

     

    ****** Adapter Info

    Adapter #1

      IPV4 interface index = 11

      IPV6 interface index = 11

      Physical Address = 00-0c-29-2d-7a-86

      Physical medium = FW_PHYSICAL_MEDIUM_WIRED

      DNS suffix #1 =

     

     

    ****** Location Info

    Group "Isolation"

      Client id = 38d53aaa-356d-449d-a087-0f29fd89a971

      Requires home network = true

      Hot drop if not match = true

      Is ipv4 = true

      Is ipv6 = true

      Registry key =

      Physical medium = FW_PHYSICAL_MEDIUM_WIRED

      DNS suffix = security.lab

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points