MS Remote Assist does not work to PC behind Nokia IP390 secured with Checkpoint.
Posted on 2007-12-03
Hi, I am trying to use Remote Assistance on a group of Windows XP SP1 workstations which are now in a network behind a Nokia IP390 firewall. This previously worked before the Nokia was implemented.
There is only one entry in the firewall rule base, *any *any *any accept. This is because we are currently monitoring what traffic is flowing through this gateway.
When trying to remote assist a workstation I get this message "The remote server machine does not exist or is unavailable" and I get one checkpoint accept log entry for epmap followed immediately by a reject entry for epmap, with Attack information of "DCE-RPC Enforcement Violation UUID is not allowed through the Rule Base".
I have edited the Checkpoint Smart Center dcerpc.def and changed "define ALLOW_135 0" to "define ALLOW_135 1" and pushed the policies, but this issue still exists.
Does anyone have any ideas what I can try next?