AFS-USERS Archives

March 2011

AFS-USERS@LISTSERV.DARTMOUTH.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
AFS Windows Client and Symantec Firewall settings.
From:
Richard Brittain <[log in to unmask]>
Reply To:
AFS users at Dartmouth <[log in to unmask]>
Date:
Thu, 17 Mar 2011 11:47:40 -0400
Content-Type:
TEXT/PLAIN
Parts/Attachments:
TEXT/PLAIN (23 lines) 
It has come to our notice that a fresh install of Symantec Endpoint 
Protection, following all the configuration steps suggested in
<http://www.dartmouth.edu/comp/soft-comp/software/downloads/windows/sav.html>, 
can result in a system blocking the traffic used for authentication.  It 
can be fixed by creating a new rule explicitly allowing UDP traffic from 
the applications "afscreds.exe" and "klog.exe".  Other OpenAFS utilities 
and the core client functionality don't seem to need any special 
configuration.

If you use OpenAFS on Windows and have Symantec Endpoint Protection 
installed, please let us know if you have encountered problems.  It will 
be very obvious -- the authentication tools will complain that they cannot 
reach any authentication servers.

This situation seems to have arisen some time in the last few months.

Richard
-- 
Richard Brittain,  Research Computing Group,
                    Computing Services, 37 Dewey Field Road, HB6219
                    Dartmouth College, Hanover NH 03755
[log in to unmask] 6-2085

ATOM RSS1 RSS2