Client logs show events resembling the following:
Severity: Major, Event: Active Response, Description: Traffic from IP address is blocked from to
Pop-up on the client machine states 'Traffic blocked for 10 minutes.'
This issue has been addressed in SEP RU6 and onwards.
If you are unable to update to RU6 at this time, the following workaround can be applied:
1. On the SEPM, edit the existing firewall policy
2. Choose Traffic and Stealth Settings
3. Remove the check mark from "Enable Anti-MAC spoofing"
This has been found on Windows XP SP2 and SP3, Windows 2003, Windows Vista, Windows 7 and Windows Server 2008 (& R2).
Did this article resolve your issue?
Did this article save you the trouble of contacting technical support?
How can we make this article more helpful?
Email Address (Optional)
Login to Subscribe
Please login to set up your subscription.
Get support for your product, with downloads, knowledge base articles, documentation, and more.
Maximize your product competency and validate technical knowledge to gain the most benefit from your IT investments.
Submit a suspected infected file to Symantec.
Report a suspected erroneous detection (false positive).
Create and manage cases, manage licensing and renewals, submit threats, and enroll with Symantec Rewards.
Customer and Technical Support phone numbers and hours of operation.
User-to-user forums, blogs, videos, and other community resources on Symantec Connect.
Set default language
Do you wish to save this as your future site?