• Status: Solved

checkpoint firewall allow msdtc and rpc

Hi,

I need to allow the following through my checkpoint firewall r70.30:
  • MS RPC EndPoint
  • MS-DTC interface


Is it possible to do this by protocol as opposed to just opening all the ports?
Also what about a UUID inside the packet?
Asked:
neoptoent
 
Ernie Beek (Expert) commented:
MS RPC EndPoint is TCP port 135 (UUID E1AF8308-5D1F-11C9-91A4-08002B14A0FA)
MS-DTC interface is TCP port 3372 (UUID 906B0CE0-C70B-1067-B317-00DD010662DA)

So you could do it on a per-protocol basis.
 
neoptoent (Author) commented:
What about the high ports needed like 1024 - 65....
Would those be covered in the protocol settings?
 
Ernie Beek (Expert) commented:
Depends on what you mean exactly.
If you are referring to return traffic, that is allowed by default.
If you are referring to additional incoming connections, the checkpoint is a stateful firewall. This means that it 'knows' that related incoming traffic (related to the initial setup over one of those ports) should be allowed as well.
So you should be ok with that.
 
neoptoent (Author) commented:
Are those protocols built into checkpoint so that I could just select them?
 
Ernie Beek (Expert) commented:
I think so, they are quite common.
You'll have to create the rules though.

 How-to-configure-the-Security-Po.doc
Question has a verified solution.
