Solved

Question about Microsoft RPC and firewalls

Posted on 2013-02-05
2
500 Views
Last Modified: 2013-02-06
Experts,

Suppose I have client-A on DMZ1 and server-B on DMZ2.
I allow CLIENT-A to reach server-B on TCP-135.

Suppose the RPC mapper on the server now tells the client to connect on port 1023.
Am I correct to assume this second connection is a new tcp session and if it's not permitted in the firewall ACL, then it will be dropped?
0
Comment
Question by:trojan81
2 Comments
 
LVL 18

Accepted Solution

by:
irweazelwallis earned 500 total points
ID: 38858535
yes 135 is a port mapper and therefore unless your firewall allows dynamic port mapping then it won't work
you could open the additional port but generally it open something in a massive range of ports at random

Generally if you open up this the firewall becomes almost pointless as its got more holes than swiss cheese.

Depending on the application you can tie it down so that it uses static ports even if its still in a range
0
 

Author Closing Comment

by:trojan81
ID: 38859266
well done thank you
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now