Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
524
Views
0
Helpful
0
Replies

dcerpc firewall rules on ISR router

Jerome_GE
Level 1
Level 1

‎11-14-2018 09:10 AM - edited ‎02-21-2020 08:28 AM

Hello,

 

I'm trying to configure a firewall rules that allow the dcerpc communication between my Active Directory server and Domain Computer.

 

I've got some problem to push GPO from the AD because it use rpc port (port n°135) but after use a new port send from the rpc server. (For example port 135 first and then port 49585 (this one is random))

 

I need to create a rule to allow the port send by the rpc server after the rpc connexion.

 

Do you think that this rule can work ? (Rules to apply between the RPC client and RPC server)

 

class-map type inspect match-any msrpc-cmap
    match protocol msrpc

 

policy-map type inspect msrpc-pmap
   class type inspect msrpc-cmap
   inspect

 

Thanks in advance.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card