Restricting RPC ports for WMI monitoring thru a firewall

hillyeoman
hillyeoman used Ask the Experts™
on
I am trying to restrict the port range that RPC uses on my monitoring server.  I wish to be able to use whats up golds service monitoring feature (uses WMI) through my Cisco PIX firewall.

I have followed the microsoft KB http://support.microsoft.com/kb/154596 but to no avail.  I have also used the RPCCFG utility as described in this KB http://support.microsoft.com/kb/908472 but with no luck.  The reg entries get made but the server still attempts connections outside of my specified port range.

has anyone been able to get this to work?  I have currently opened port 135 and 445 tcp and udp and my port range.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Author

Commented:
BTW it is windows 2003 R2 SP2
ok I realise i was looking at this the wrong way round.  After Understanding the RPC endpoint mapper and how it works I now realise that these registry settings need to set on the server to be monitored and not the monitoring server.  

RPC dynamically assigns the port to the connecting host once an inital connection on tcp port 135 has been established.  

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial