?
Solved

MS Remote Assist does not work to PC behind Nokia IP390 secured with Checkpoint.

Posted on 2007-12-03
3
Medium Priority
?
1,247 Views
Last Modified: 2013-11-16
Hi, I am trying to use Remote Assistance on a group of Windows XP SP1 workstations which are now in a network behind a Nokia IP390 firewall.  This previously worked before the Nokia was implemented.

There is only one entry in the firewall rule base, *any *any *any accept.  This is because we are currently monitoring what traffic is flowing through this gateway.

When trying to remote assist a workstation I get this message "The remote server machine does not exist or is unavailable" and I get one checkpoint accept log entry for epmap followed immediately by a reject entry for epmap, with Attack information of "DCE-RPC Enforcement Violation UUID is not allowed through the Rule Base".

I have edited the Checkpoint Smart Center dcerpc.def and changed "define ALLOW_135 0" to "define ALLOW_135 1" and pushed the policies, but this issue still exists.

Does anyone have any ideas what I can try next?
0
Comment
Question by:nowonmai666
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 14

Expert Comment

by:grimkin
ID: 20407051
HIya,

Do you have SmartDefense running?
0
 

Author Comment

by:nowonmai666
ID: 20409961
Hello

Smart defense has been disabled or set to monitor only where possible.

I found out that the Smart center is running R65 HFA02 but the Nokia IPSO was not.  HFA02 contains a fix where smart defense is still blocking traffic even though it is disabled.  I've patched both Nokia firewalls, just waiting for a suitable time to turn the rule base back on as they are currently only routing traffic.
0
 

Accepted Solution

by:
nowonmai666 earned 0 total points
ID: 21011937
Fixed my problem.  Patched Nokia IPSO to 4.2-Build078,  Checkpoint NGX R65 HFA02.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month11 days, 22 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question