I have 2 Active Directory forests that reside on either side of my PIX.
Forest A is on the Inside interface.
Forest B is on a DMZ interface, security level 50.
The Microsoft guys would like to set up a trust between the 2 forests.
In order to do this, RPC traffic, both port 135 and RPC dynamic ports (1024-65535), needs to be allowed. I don't, however, want to open those high ports unless I have to.
My Microsoft guy said that the firewall should be able to inspect RPC traffic in order to dynamically open higher ports when required by the application.
I don't see a fixup for RPC on the PIX, however.
Could anyone shed some light on how I can make the PIX aware of the RPC traffic between the 2 AD forests?