DLP Endpoint Agent does not communicate when connected by Microsoft Direct Access (VPN)
Last Updated July 12, 2019
You have DLP Endpoint agents installed and working correctly on the LAN: policies are received, incidents are communicated, and so on.
However, when an endpoint connects through Microsoft Direct Access, the agent receives no DLP policy changes. You can ping the detection server and telnet to port 10443 on the detection server. No incidents are created until the agent reconnects to the LAN.
DLP 11.x, 12.x, 14.x, 15.x
FINEST level logs from the Endpoint Agent show messages such as:
8024 | FINEST | Communication.CurlTransportLayer | TransportDisconnectionInformation [DisconnectReason: FAILURE_TO_CONNECT, TransportErrorCode: SERVER_UNREACHABLE, ErrorMessage:Libcurl Error: '7'. Error Message: Couldn't connect to server. Last Error String: Failed to connect to <DetectionServerName.YourCompany.com> port 10443: Timed out
Microsoft Direct Access supports IPv6 connections only. All current versions of the DLP Endpoint Agent require native IPv4 connectivity.
See extract from the administrator guide for DLP (version 15.1):
Symantec Data Loss Prevention IPv6 support is limited to [Network] monitoring [solution]. The Enforce Server administration console must still be deployed on an IPv4 network; there is no support for command and control functionality over IPv6. This release does not include support for:
Deployment of Symantec Data Loss Prevention over IPv6 networks
Support of other Symantec Data Loss Prevention servers on IPv6 networks
Use of IPv6 system-defined data identifiers
Use of IP fragmentation over IPv6
Configuring or communicating with detection servers over IPv6
Deployment of IPv6 endpoints
Deployment of Symantec Encryption Server on IPv6
Deployment of the Oracle database on an IPv6 connection
See Configure a protocol in online Help for more information about specific implementation details of IPv6 support.
Only the Network Monitor solution currently supports IPv6.
An enhancement request has been logged, but currently no release version has been assigned.
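To confirm this condition on an affected endpoint, the following added example (not Symantec or Microsoft code) tests TCP reachability of the detection server separately over IPv4 and IPv6, because dual-stack tools such as ping and telnet can succeed over IPv6 while an IPv4-only client times out. The server name is a placeholder, port 10443 is taken from the log message above, and the function name `Test-TcpByFamily` is hypothetical.

```powershell
# Added diagnostic example. $Server is a placeholder: use your detection server's FQDN.
param(
    [string]$Server    = 'DetectionServerName.YourCompany.com',
    [int]   $Port      = 10443,   # agent port shown in the article's log line
    [int]   $TimeoutMs = 5000
)

function Test-TcpByFamily {
    param(
        [string]$Name,
        [int]$Port,
        [System.Net.Sockets.AddressFamily]$Family,
        [int]$TimeoutMs
    )
    # Resolve the name, then keep only addresses of the requested family.
    try   { $all = [System.Net.Dns]::GetHostAddresses($Name) }
    catch { $all = @() }
    $addrs = @($all | Where-Object { $_.AddressFamily -eq $Family })

    $connected = $false
    foreach ($ip in $addrs) {
        # Create the socket for one family so the OS cannot fall back to the other.
        $client = New-Object System.Net.Sockets.TcpClient($Family)
        try {
            $task = $client.ConnectAsync($ip, $Port)
            if ($task.Wait($TimeoutMs) -and $client.Connected) { $connected = $true; break }
        } catch {
            # Refused or unreachable: try the next address.
        } finally {
            $client.Close()
        }
    }
    [pscustomobject]@{
        Family    = $Family
        Addresses = ($addrs -join ', ')
        Connected = $connected
    }
}

$v4 = Test-TcpByFamily -Name $Server -Port $Port -Family InterNetwork   -TimeoutMs $TimeoutMs
$v6 = Test-TcpByFamily -Name $Server -Port $Port -Family InterNetworkV6 -TimeoutMs $TimeoutMs
$v4, $v6 | Format-Table -AutoSize

if (-not $v4.Connected -and $v6.Connected) {
    'IPv6 path only: matches the condition in this article (agent needs native IPv4).'
} elseif ($v4.Connected) {
    'IPv4 path available: look elsewhere for the cause of the connection failure.'
} else {
    'No TCP path on either family: check name resolution, routing and firewall rules.'
}
```

Run it once on the LAN and once over Direct Access and compare the two tables.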