Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

checkpoint firewall allow msdtc and rpc

Posted on 2011-03-07
5
Medium Priority
?
1,981 Views
Last Modified: 2012-05-11
Hi,

I need to allow the following through my checkpoint firewall r70.30
 •      MS RPC EndPoint
•      MS-DTC interface


It is possible to do this by protocol as apposed to just opening all the ports?
Also what about a UUID inside the packet?
0
Comment
Question by:neoptoent
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 2000 total points
ID: 35061115
MS RPC EndPoint is TCP port 135 (UUID E1AF8308-5D1F-11C9-91A4-08002B14A0FA)
MS-DTC interface is TCP port 3372 (UUID 906B0CE0-C70B-1067-B317-00DD010662DA)

So you could do it on a per protocol base.
0
 

Author Comment

by:neoptoent
ID: 35063587
What about the high ports needed like 1024 - 65....
would those be covered in the protocol settings?
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35067180
Depends on what you mean exactly.
If you are referring to return traffic, that is allowed by default.
If you are referring to additional incoming connections, the checkpoint is a stateful firewall. This means that it 'knows' that related incoming traffic (related to the initial setup over one of those ports) should be allowed as well.
So you should be ok with that.
0
 

Author Comment

by:neoptoent
ID: 35069130
Are those protocol built into checkpoint so that I could just select them?
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35069667
I think so, they are quite common.
You'll have to create the rules though.

 How-to-configure-the-Security-Po.doc
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
AWS has developed and created its highly available global infrastructure allowing users to deploy and manage their estates all across the world through the use of the following geographical components   RegionsAvailability ZonesEdge Locations  Wh…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question