Continuous "36888 Schannel Errors" in System Event Log when NOT connected to Internet

We are hoping someone will be able to assist us with this very strange issue, please?

We are using Windows 8.1 x64 Enterprise with Office 2013 and the latest Symantec Endpoint Protection v12.1.5 installed. They are managed using SCCM 2012 in a large AD domain environment.

When our workstations are NOT connected to the internet (only local intranet) the following errors appear in SYSTEM event log almost continuously (several times a minute).

Event ID:36888  User: SYSTEM  OpCode:Info  Level:Error  Source:SChannel 

"A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows Schannel error state is 11."

The process associated with these events is "Local Security Authority Process"

When an internet connection is enabled for these machines, these 36888 errors will suddenly stop!

An event, Error 36887 "A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.", is also occurring on these machines, but only occasionally.


As a result, we suspect there must be a process continuously attempting to connect to an internet service and failing?

Some of the things we have tried so far:

- We have disabled all non-essential services (e.g. Windows Store Service) one by one, but this didn't fix it.
- We have tried disabling Tile updates on Start.
- We have tried a bunch of different Group Policy settings to disable different combinations of TLS/SSL in IE config.
- We have searched the internet forums and tried some suggested fixes, but this combination of error state and error code seems unique?

It doesn't happen on our Windows 7 x64 workstations that have much the same apps & configuration.


Any advice or suggestions would be greatly appreciated!

Thanks.


  • Edited by Makes006 Thursday, March 05, 2015 7:08 AM
March 5th, 2015 6:57am
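
Added example, not part of the original thread: a PowerShell helper that extracts the TLS alert code from Schannel 36887/36888 messages like the two quoted in the post above and labels it with its RFC 5246 name (70 is `protocol_version`, 40 is `handshake_failure`). The function name `ConvertFrom-SchannelAlert`, the subset of alert codes and the sample records are constructed for illustration; the commented `Get-WinEvent` call shows how to feed it live events.

```powershell
# TLS alert descriptions from RFC 5246 section 7.2 (subset, chosen for this example).
$TlsAlerts = @{
    10 = 'unexpected_message'; 20 = 'bad_record_mac';        40 = 'handshake_failure'
    42 = 'bad_certificate';    46 = 'certificate_unknown';   48 = 'unknown_ca'
    70 = 'protocol_version';   71 = 'insufficient_security'; 80 = 'internal_error'
}

# Hypothetical helper: turns one Schannel event into a decoded record.
function ConvertFrom-SchannelAlert {
    param(
        [Parameter(Mandatory)][int]$Id,
        [Parameter(Mandatory)][string]$Message,
        [datetime]$TimeCreated = (Get-Date)
    )
    # Covers both wordings in the thread: "fatal error code is 70" / "fatal alert code is 40".
    if ($Message -notmatch 'fatal (?:error|alert) code is (\d+)') { return }
    $code  = [int]$Matches[1]
    $state = if ($Message -match 'error state is (\d+)') { [int]$Matches[1] } else { $null }

    [pscustomobject]@{
        TimeCreated   = $TimeCreated
        EventId       = $Id
        # 36888 = alert generated locally, 36887 = alert received from the remote endpoint.
        Direction     = if ($Id -eq 36888) { 'sent by this host' } else { 'received from peer' }
        AlertCode     = $code
        AlertName     = if ($TlsAlerts.ContainsKey($code)) { $TlsAlerts[$code] } else { 'unknown' }
        SchannelState = $state
    }
}

# Constructed sample records reusing the message text quoted in the post.
$sample = @(
    @{ Id = 36888; Message = 'A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows Schannel error state is 11.' }
    @{ Id = 36888; Message = 'A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows Schannel error state is 11.' }
    @{ Id = 36887; Message = 'A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.' }
)
$events = $sample | ForEach-Object { ConvertFrom-SchannelAlert -Id $_.Id -Message $_.Message }

# On a live workstation, build $events from the System log instead:
# $events = Get-WinEvent -FilterHashtable @{ LogName = 'System'; ProviderName = 'Schannel'; Id = 36887, 36888 } |
#     ForEach-Object { ConvertFrom-SchannelAlert -Id $_.Id -Message $_.Message -TimeCreated $_.TimeCreated }

# Tally by event ID and alert name to see which failure dominates.
$events | Group-Object EventId, AlertName | Select-Object Count, Name
```
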

Hi,

I am Chetan Savade, a Technical Support Engineer from Symantec.

Symantec Endpoint Protection clients can be configured to only run scheduled LiveUpdates from the Symantec LiveUpdate server over the internet if one of the following conditions is met:
  • Virus and spyware definitions on a client computer are more than two days old. Maximum duration can be 31 days.

  • A client computer is disconnected from Symantec Endpoint Protection Manager for more than eight hours.

If required, configure the SEPM LiveUpdate policy accordingly.

Refer to this Connect article to find more info: https://www-secure.symantec.com/connect/articles/configure-liveupdate-run-client-computers-part-1

Best Regards,

Chetan


March 6th, 2015 6:28pm

Thanks so much for this info. I will check it out.

March 12th, 2015 6:19pm

This topic is archived. No further replies will be accepted.
