Note: This article was originally published in 2006. Some steps, commands, or software versions may have changed. Check the current General documentation for the latest information.
Symantec Client Security 3.x and Symantec AntiVirus 10.x
Remote installation tools such as ClientRemote Install and AV Server Rollout use TCP port 139 and a random TCP port between 1024 and 5000 on the targeted computers. Windows Firewall is enabled by default in both Windows XP Service Pack 2 and Windows Server 2003. The firewall blocks incoming traffic to these ports, preventing installation. The easiest way to work around this problem is to disable the Windows Firewall before installation.
The following Microsoft documents provide information on how to disable the firewall:
- (http://support.microsoft.com/default.aspx?scid=kb;en-us;283673)
- (http://www.microsoft.com/downloads/details.aspx?FamilyID=4454e0e1-61fa-447a-bdcd-499f73a637d1&DisplayLang=en)
After installation, you can enable Windows Firewall again. If you want to use Symantec System Center to manage clients, you must open TCP port 2967 in Windows Firewall on the clients.
To open port 2967 on the clients
- On the Windows taskbar, click Start > Settings > Control Panel.
- Double-click Security Center.
- Click Windows Firewall.
- On the Exceptions tab, clickAdd Port.
- In the Add a Port window, in the Port Number box, type the following:
**2967
**
6. Click TCP , and then click OK.
7. In the Windows Firewall window, click OK.
For a complete list of the ports that are used for communication in Symantec AntiVirus 10.x, read (http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2005033011582148?Open&src=&docid=2004070817071248&nsf=ent-security.nsf&view=docid&dtype=corp&prod=&ver=&osv=&osv_lvl=&seg=).