I'm having some difficulties exposing a standard windows file share on a Windows Embedded Standard 2009 device that is running Symantec Endpoint Protection Agent 5.1.
I'm using simply file sharing to expose a particular directory. That share is visible locally on the machine and externally visible when I disable the endpoint protection agent.
I've added a rule (and moved it to the to ensure priority) allowing all hosts access on TDP ports 137,138,138,445 and another rule allowing UDP access on ports 137,138,139. When I try to connect, two endpoint protection dialogs pop up saying:
Traffic has been blocked from this application: NWLINK2 IPX Protocol Driver (nwlnkipx.sys)
Traffic has been blocked from this application: IPv6 driver (tcpip6.sys)
I'm not using IPv6 anywhere.
Interestingly, I discovered a workaround in that I can white-list all traffic from the subnet the device is on, which meets my needs, but I'm still curious as to why my original approach wasn't successful.
Can anyone suggestion a reason why the above endpoint protection rules won't allow me to access windows file shares on the device?
Solution : http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/684e821eb0b394f8882575070060f2a4?OpenDocument
Somehow I missed that during my initial searching. The version I'm using (5.1) didn't match the steps exactly, but once I implemented the rules, I was able to access my share.
I basically ended up creating 4 rules rather than the one that I was trying to do as well as adding the rules for port 88 (according to wikipedia this is Kerberos, which seems a little odd). Once this was done I was able to access my share as intended..