×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ASA blocks RPC TCP port 135 for intra-interface communication

Unanswered Question
Apr 7th, 2014
User Badges:

I understand the fix to this problem with the "same-security-traffic permit intra-interface" command but I'm curious if anyone knows the reason behind by RPC on tcp/135 would need to consult the ASA for a host on the same subnet? The ASA is the gateway for hosts on this subnet but a host should not have to consult the ASA unless it is attempting to communicate with another node on a different subnet. I also understand that the ASA would receive the flooding of a broadcast when the host doesn't know the MAC of a host on the same subnet. But in this case, the ASA is denying traffic from host 172.18.3.212:49450 on interface inside4 to host 172.18.3.211:135 on interface inside4. Proxy arp is also disabled on the ASA. Thoughts on why this would occur?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion

Related Content