I have a problem where our machines suddenly can't connect from an untrusted network to our VPN. It fails on the DNS lookup of the name of the destination VPN server. If I put in the IP address of the destination VPN server, it works.
While still using the DNS name of the destination VPN server as the target in our Avaya VPN client, when SEP is enabled it fails every time on the lookup. If I right-click on the SEP tray icon and select Disable Symantec Endpoint Protection, it still fails. But, if I run an smc -stop from the command prompt to completely stop SEP, then it works.
Also, if I stop SEP and connect to VPN once, then disconnect, and restart SEP, it will work the second time. I think that's because the IP associated with the target DNS name is cached for a short period of time. If I reboot the machine, I'm back to square one where the machine can't connect again.
In the traffic log, I don't see any blocked outbound DNS requests. I'm not sure what to do here. Which things are turned off when you run smc -stop that would still be running when you select the Disable Symantec Endpoint Protection system tray option? There seems to be a difference and whatever that difference is seems to be stopping the DNS lookups. I don't see any security alerts in any of the logs.