Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
297
Views
0
Helpful
0
Replies

ASA v9.x DCERPC Inspection not working correctly with Hyper-V Manager

pic_whizz
Level 1
Level 1

‎11-01-2016 09:50 AM - edited ‎03-12-2019 01:28 AM

Hi All,

I'm having issues with this particular traffic flow and see multiple connections from various source ports to the same high order port TCP/49155 being denied whilst using hyper-v manager through the firewall. Bi-directional AD traffic works fine using DCERPC inspection, just not Hyper-v Manager. I can see the Hyper-v manager is using DCOM ISystemActivator, with RemoteCreateInstance calls for port TCP/49155 but for some reason its refusing to work unless I manually open ports 49154-65535 bi-directionally. 

Is this a bug? I have tried 9.2, 9.4, 9.5, 9.6 with no luck. Do anyone have a working solution for Hyper-v Manager through the ASA? 

I have experimented with pinhole timers but this does not fix the issue either.

Any advice appreciated,

cheers,

Matt

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card