DCERPC Inspect Maps - ASA 5550

Unanswered Question
Oct 15th, 2008

Hello,


I require some assistance with how to set up DCE RPC. The configuration I have has been applied through ASDM 6.1(5) and the ASA 8.0(4).


I have tried a couple of approaches:

1) Created an inspect map for DCERPC (ASDM)

2) Added DCERPC to the default inspection Service policy Rule (ASDM)

3) Copying an example from Cisco.com on the CLI


RPC connectivity works when allowing high ports in the Access Rules but not when only permitting tcp/135, which suggests the policy does not work. What am I missing? Is there other configuration to be completed within the access rules?


Many thanks in advance

Richard

Anonymous (not verified) Tue, 10/21/2008 - 13:43

This is because by default all traffic from a higher-security interface to a lower-security interface is allowed. Access lists let you either allow traffic from lower-security interfaces, or restrict traffic from higher-security interfaces.

The security appliance supports two types of access lists:

• Inbound: Inbound access lists apply to traffic as it enters an interface.

• Outbound: Outbound access lists apply to traffic as it exits an interface.

The following URL explains, step by step, how to configure access rules using ASDM 6:

http://www.cisco.com/en/US/docs/security/asdm/6_1/user/guide/aclrules.html#wp1046058


vinerichard Tue, 10/21/2008 - 23:32

I'm not too sure how this actually relates to my issue of DCERPC traffic and configuration of this functionality?

suschoud Tue, 10/21/2008 - 16:15

class-map inspection_default
 match default-inspection-traffic
 exit

policy-map global-policy
 class inspection_default
  inspect dcerpc
  exit
 exit



Regards,

Sushil
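
An added example, not part of any post in this thread: on an ASA, a policy-map only takes effect once a service-policy command applies it, so a quick check of the running configuration is whether the policy-map that contains "inspect dcerpc" is actually bound globally or to an interface. The configuration text below is constructed for illustration, and the function names are hypothetical.

```python
import re

# Constructed running-config excerpt (not from the thread): global_policy is
# applied, but "inspect dcerpc" sits in a second policy-map that nothing applies.
SAMPLE_CONFIG = """\
class-map inspection_default
 match default-inspection-traffic
policy-map global_policy
 class inspection_default
  inspect ftp
policy-map global-policy
 class inspection_default
  inspect dcerpc
service-policy global_policy global
"""

def dcerpc_inspection_status(config: str) -> dict:
    """Map each policy-map containing 'inspect dcerpc' to where it is applied."""
    inspecting = set()   # policy-maps that carry an 'inspect dcerpc' line
    applied = {}         # policy-map name -> list of scopes it is bound to
    current = None       # policy-map block currently being read
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            # Any top-level command closes the previous policy-map block.
            # 'policy-map type inspect ...' defines an inspect map, so skip it.
            m = re.match(r"policy-map\s+(?!type\b)(\S+)$", line)
            current = m.group(1) if m else None
            sp = re.match(r"service-policy\s+(\S+)\s+(global|interface\s+\S+)$", line)
            if sp:
                applied.setdefault(sp.group(1), []).append(sp.group(2))
        elif current and re.match(r"inspect\s+dcerpc(\s+\S+)?$", line):
            inspecting.add(current)
    return {name: applied.get(name, []) for name in sorted(inspecting)}

def unapplied_dcerpc_maps(config: str) -> list:
    """Policy-maps that enable DCERPC inspection but are bound to nothing."""
    status = dcerpc_inspection_status(config)
    return [name for name, scopes in status.items() if not scopes]

if __name__ == "__main__":
    for name, scopes in dcerpc_inspection_status(SAMPLE_CONFIG).items():
        print(name, "->", scopes or "NOT APPLIED (inspection never runs)")
```

Feed it the output of "show running-config"; an empty result from dcerpc_inspection_status means no policy-map enables DCERPC inspection at all.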
