Solved

MS Remote Assist does not work to PC behind Nokia IP390 secured with Checkpoint.

Posted on 2007-12-03
3
1,242 Views
Last Modified: 2013-11-16
Hi, I am trying to use Remote Assistance on a group of Windows XP SP1 workstations which are now in a network behind a Nokia IP390 firewall.  This previously worked before the Nokia was implemented.

There is only one entry in the firewall rule base, *any *any *any accept.  This is because we are currently monitoring what traffic is flowing through this gateway.

When trying to remote assist a workstation I get this message "The remote server machine does not exist or is unavailable" and I get one checkpoint accept log entry for epmap followed immediately by a reject entry for epmap, with Attack information of "DCE-RPC Enforcement Violation UUID is not allowed through the Rule Base".

I have edited the Checkpoint Smart Center dcerpc.def and changed "define ALLOW_135 0" to "define ALLOW_135 1" and pushed the policies, but this issue still exists.

Does anyone have any ideas what I can try next?
0
Comment
Question by:nowonmai666
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 14

Expert Comment

by:grimkin
ID: 20407051
HIya,

Do you have SmartDefense running?
0
 

Author Comment

by:nowonmai666
ID: 20409961
Hello

Smart defense has been disabled or set to monitor only where possible.

I found out that the Smart center is running R65 HFA02 but the Nokia IPSO was not.  HFA02 contains a fix where smart defense is still blocking traffic even though it is disabled.  I've patched both Nokia firewalls, just waiting for a suitable time to turn the rule base back on as they are currently only routing traffic.
0
 

Accepted Solution

by:
nowonmai666 earned 0 total points
ID: 21011937
Fixed my problem.  Patched Nokia IPSO to 4.2-Build078,  Checkpoint NGX R65 HFA02.
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Firewall question 5 101
Allowing Youtube access only for 30 PCs on the network - BLOXX filtering system 3 113
Hardening ScreenOS 8 139
Checkpoint interface differences 1 46
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question