Solved

checkpoint firewall allow msdtc and rpc

Posted on 2011-03-07
5
1,918 Views
Last Modified: 2012-05-11
Hi,

I need to allow the following through my checkpoint firewall r70.30
 •      MS RPC EndPoint
•      MS-DTC interface


It is possible to do this by protocol as apposed to just opening all the ports?
Also what about a UUID inside the packet?
0
Comment
Question by:neoptoent
  • 3
  • 2
5 Comments
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 35061115
MS RPC EndPoint is TCP port 135 (UUID E1AF8308-5D1F-11C9-91A4-08002B14A0FA)
MS-DTC interface is TCP port 3372 (UUID 906B0CE0-C70B-1067-B317-00DD010662DA)

So you could do it on a per protocol base.
0
 

Author Comment

by:neoptoent
ID: 35063587
What about the high ports needed like 1024 - 65....
would those be covered in the protocol settings?
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35067180
Depends on what you mean exactly.
If you are referring to return traffic, that is allowed by default.
If you are referring to additional incoming connections, the checkpoint is a stateful firewall. This means that it 'knows' that related incoming traffic (related to the initial setup over one of those ports) should be allowed as well.
So you should be ok with that.
0
 

Author Comment

by:neoptoent
ID: 35069130
Are those protocol built into checkpoint so that I could just select them?
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35069667
I think so, they are quite common.
You'll have to create the rules though.

 How-to-configure-the-Security-Po.doc
0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

AWS has developed and created its highly available global infrastructure allowing users to deploy and manage their estates all across the world through the use of the following geographical components   RegionsAvailability ZonesEdge Locations  Wh…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question