09-05-2001 08:28 AM - edited 02-20-2020 09:49 PM
Has anyone had any success in passing DCOM/COM through a PIX or any other firewall for that matter. I have one host (Web Server) in a DMZ off the PIX and the other host (Middle Tier)is inside. I have tried NAT'ing the (MIddle Tier) out to the DMZ and letting FULL IP connectivity to it. I have also tried NAT'ing the (Middle Tier) to itself out in the DMZ. (Example, static(inside,web_dmz) 192.168.1.1 192.168.1.1 ) I have seen this work sometimes when trying to NAT NetBios. From what I understand DCOM uses port 135/tcp,135/udp,137/tcp, and some high range ports. I have used Microsoft's utility called DCOMCNFG to narrow the ports down to 5500-5550. I see that the 2 hosts are using these ports, but connectivity and performance are extremly slow and not constant.
09-11-2001 07:30 AM
Youre probably going to have to put a sniffer on the wire to see whats happening. If you are translating to the same address, its not a NAT issue. There may be a problem with multi-homed servers or the protocol stack setup in the MS server. Sniffing the packets will help you determine whats going where and why.
11-13-2001 11:50 AM
Check out this article. It may help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide