cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Bookmark
|
Subscribe
|
1900
Views
0
Helpful
1
Replies

DCE RPC Inspection and Active Directory Services

avilt
Level 3
Level 3

If I enable dce/rpc inspection, can I have active directory over firewalls without allowing dynamic ports?

 

I have 2012 R2 domain controllers in firewall segment and AD clients in a different subnet. 

1 Reply 1

Dennis Mink
VIP Alumni
VIP Alumni

here is an older post on it.

 

https://supportforums.cisco.com/t5/security-documents/dcerpc-inspection-on-asa-pix-fwsm/ta-p/3126387

 

so theoretically it works. but packet inspection is not always a silver bullet

Please remember to rate useful posts, by clicking on the stars below.

Review Cisco Networking for a $25 gift card