Setting up Windows Firewall to allow client communications (other wise tasks from the admin console will fail)
Symantec Client Security 3.x and Symantec AntiVirus 10.x
Remote installation tools such as ClientRemote Install and AV Server
Rollout use TCP port 139 and a random TCP port between 1024 and 5000 on
the targeted computers. Windows Firewall is enabled by default in both
Windows XP Service Pack 2 and Windows Server 2003. The firewall blocks
incoming traffic to these ports, preventing installation. The easiest
way to work around this problem is to disable the Windows Firewall
The following Microsoft documents provide information on how to disable the firewall:
- How to turn on or turn off the firewall in Windows XP
- Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2
After installation, you can enable Windows Firewall again. If you want
to use Symantec System Center to manage clients, you must open TCP port
2967 in Windows Firewall on the clients.
To open port 2967 on the clients
- On the Windows taskbar, click Start > Settings > Control Panel.
- Double-click Security Center.
- Click Windows Firewall.
- On the Exceptions tab, click Add Port.
- In the Add a Port window, in the Port Number box, type the following:
- Click TCP, and then click OK.
- In the Windows Firewall window, click OK.
For a complete list of the ports that are used for communication in Symantec AntiVirus 10.x, read Ports used for communication in Symantec AntiVirus 10.x and Symantec Client Security 3.x.
obtained from: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2004070817071248?Open&src=&docid=2005033011582148&nsf=ent-security.nsf&view=pfdocs&dtype=corp&prod=&ver=&osv=&osv_lvl=&seg=