Firewall Troubleshooting

The best tool for understanding and troubleshooting the Trend Micro Common Firewall in CPM is a port scanner. Many are available. Use your favorite, or try Nmap, from nmap.org.

General

  1. Disable third-party firewalls or other conflicting products.

  2. Check that you are running CPM version 10.6.

    • In the console, select the Analysis: Endpoint Protection > Core Protection Module > Analyses > CPM Endpoints > Core Protection Module – Endpoint Information.

    • Upgrade endpoints as necessary by running the Task, Endpoint Protection > Core Protection Module > Deployment > Upgrade > Core Protection Module - Upgrade Endpoint.

  3. Confirm that the firewall is enabled.

    • In the console, select Endpoint Protection > Core Protection Module > Analyses > Common Firewall > Common Firewall - Endpoint Firewall Settings.

  4. Check the Action History for Tasks already run, especially if you are using a location property (see Creating Location-Specific Tasks) with your firewall Tasks. Be sure that conflicting policies have not been deployed to the same endpoint(s).

    1. From the console, Endpoint Protection > Core Protection Module > Configuration > Common Firewall > <firewall task name> its Action History.

    2. If you see in the history that multiple firewall Tasks are overwriting one another, chances are that multiple policies are claiming relevance and updating the policy on the endpoint. In this case, delete all your Actions and re-apply the Tasks.

  5. Confirm that the firewall services are running on the computers in question.

    • From the console, click Endpoint Protection > Core Protection Module > Troubleshooting > Core Protection Module - Improper Service Status to run the Improper Service Status Fixlet®.

    • At the endpoints in question, check that the following Windows™ Services are running:
      • OfficeScan NT Listener
      • OfficeScan NT RealTime Scan
      • OfficeScan NT Firewall