checkpoint firewall allow msdtc and rpc


I need to allow the following through my checkpoint firewall r70.30:
• MS RPC EndPoint
• MS-DTC interface

Is it possible to do this by protocol as opposed to just opening all the ports?
Also, what about a UUID inside the packet?
Ernie Beek (Expert) commented:
MS RPC EndPoint is TCP port 135 (UUID E1AF8308-5D1F-11C9-91A4-08002B14A0FA)
MS-DTC interface is TCP port 3372 (UUID 906B0CE0-C70B-1067-B317-00DD010662DA)

So you could do it on a per-protocol basis.
neoptoent (Author) commented:
What about the high ports needed like 1024 - 65....
Would those be covered in the protocol settings?
Ernie Beek (Expert) commented:
Depends on what you mean exactly.
If you are referring to return traffic, that is allowed by default.
If you are referring to additional incoming connections, the checkpoint is a stateful firewall. This means that it 'knows' that related incoming traffic (related to the initial setup over one of those ports) should be allowed as well.
So you should be ok with that.
neoptoent (Author) commented:
Are those protocols built into checkpoint so that I could just select them?
Ernie Beek (Expert) commented:
I think so, they are quite common.
You'll have to create the rules though.
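
An added example, not part of the thread and not Check Point's own code: how an inspecting device can read the interface UUID out of a DCE/RPC bind request and compare it with the two UUIDs quoted in the first answer. The function names (`bind_interfaces`, `verdict`, `build_bind`) and the sample packet are constructed for illustration; the field layout is that of a DCE/RPC version 5 connection-oriented bind PDU.

```python
import struct
import uuid

# Interface UUIDs exactly as quoted in the thread above.
ALLOWED_INTERFACES = {
    uuid.UUID("E1AF8308-5D1F-11C9-91A4-08002B14A0FA"): "MS RPC EndPoint",
    uuid.UUID("906B0CE0-C70B-1067-B317-00DD010662DA"): "MS-DTC interface",
}
PTYPE_BIND = 11  # packet type of a connection-oriented bind PDU

def bind_interfaces(pdu: bytes) -> list:
    """Return the interface (abstract syntax) UUIDs offered in a bind PDU."""
    if len(pdu) < 28 or pdu[0] != 5 or pdu[2] != PTYPE_BIND:
        raise ValueError("not a DCE/RPC v5 bind PDU")
    little = bool(pdu[4] & 0x10)            # data representation: integer byte order
    frag_len, = struct.unpack_from("<H" if little else ">H", pdu, 8)
    if frag_len > len(pdu):
        raise ValueError("truncated PDU")
    n_ctx, off, found = pdu[24], 28, []     # 16-byte header, 8 bytes of bind fields, count + 3 reserved
    for _ in range(n_ctx):
        if off + 24 > frag_len:
            raise ValueError("context element runs past the fragment")
        n_syntaxes = pdu[off + 2]
        raw = pdu[off + 4:off + 20]         # UUID: first three fields follow the sender's byte order
        found.append(uuid.UUID(bytes_le=raw) if little else uuid.UUID(bytes=raw))
        off += 24 + 20 * n_syntaxes         # skip interface version and transfer syntaxes
    return found

def verdict(pdu: bytes) -> str:
    """Accept only when every interface offered in the bind is on the allow-list."""
    try:
        offered = bind_interfaces(pdu)
    except ValueError:
        return "drop"
    ok = offered and all(u in ALLOWED_INTERFACES for u in offered)
    return "accept" if ok else "drop"

def build_bind(interface: str) -> bytes:
    """Constructed sample: minimal little-endian bind with one context element."""
    ndr = uuid.UUID("8A885D04-1CEB-11C9-9FE8-08002B104860")  # NDR transfer syntax, version 2
    # Interface version 3.0 is a constructed value; the check above ignores it.
    ctx = struct.pack("<HBB", 0, 1, 0) + uuid.UUID(interface).bytes_le + struct.pack("<HH", 3, 0)
    ctx += ndr.bytes_le + struct.pack("<I", 2)
    body = struct.pack("<HHI", 4280, 4280, 0) + struct.pack("<BBH", 1, 0, 0) + ctx
    hdr = struct.pack("<BBBB4sHHI", 5, 0, PTYPE_BIND, 0x03, b"\x10\x00\x00\x00", 16 + len(body), 0, 1)
    return hdr + body
```

On the wire the first three UUID fields are byte-swapped when the sender is little-endian, so E1AF8308 appears as `08 83 AF E1`; a filter that compares raw bytes against the printed form will never match.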

Question has a verified solution.
