Document ID:2004070114274248 Last Modified:04/25/2006

Using Symantec Client Firewall 7.x or later in an Active Directory Environment

Situation:

This document describes how to allow Active Directory connections on computers running Symantec Client Firewall 7.x or later.

Solution:

To allow Active Directory communications, merge the Activedir.cfu policy file in the \Tools\PolicyFiles folder on CD 4 with your current policy file. To merge the Active Directory policy file Start Symantec Client Firewall Administrator. Click File > Open. In the File Open dialog box, find and select your policy file, and then click Open. Click File > Merge. Go to the \Tools\PolicyFiles folder on CD 4. In the File Open dialog box, select All Files in the Files of Type drop-down menu. Do one of the following, depending on the version of Symantec Client Firewall: For Symantec Client Firewall 8.x, find and select the Ad_ipsec.cfu file or the Ad_rpc.cfu file. Use the Ad_ipsec.cfu file in Active Directory environments that use IPSec. Use the Ad_rpc.cfu file in all other Active Directory environments. For Symantec Client Firewall 7.1, find and select the Activedir.cfu policy file. In the Merge Options window, click All Rules. In the Confirmation window, click Yes to All. Save the policy file, and use Symantec System Center to deploy the policy to a client. To learn how to do this, read the document Using Symantec System Center 6.x or later to distribute a Symantec Client Firewall policy.

References:

To create a custom policy using the Symantec Client Firewall Administrator, follow the directions in the document for your program version: Creating a custom policy for Symantec Client Firewall 8.x or Symantec Client Security 3.x Creating a custom policy for Symantec Client Firewall 5.x and 7.x