1900
Views
0
Helpful
1
Replies
DCE RPC Inspection and Active Directory Services
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-13-2018 09:52 AM - edited 02-21-2020 07:52 AM
If I enable dce/rpc inspection, can I have active directory over firewalls without allowing dynamic ports?
I have 2012 R2 domain controllers in firewall segment and AD clients in a different subnet.
Labels:
- Labels:
-
NGFW Firewalls
1 Reply 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-14-2018 07:14 AM
here is an older post on it.
https://supportforums.cisco.com/t5/security-documents/dcerpc-inspection-on-asa-pix-fwsm/ta-p/3126387
so theoretically it works. but packet inspection is not always a silver bullet
Please remember to rate useful posts, by clicking on the stars below.
