Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Active Directory Behind ASA Firewalls & RPC Traffic

As per the following MS article, we need to allow TCP/UDP dynamic ports 49152 through 65535 for the Windows 2008 R2 active directory to work if the clients/domain controllers are behind the firewall.

http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx

 

Can we minimize this ports by using the ASA application inspection features?

 

 

2 REPLIES
Cisco Employee

Hi,You can use DCERPC

Hi,

You can use DCERPC inspection on the ASA device.

Check these URL links and i think they should help you with your query:-

https://supportforums.cisco.com/document/67706/dcerpc-inspection-asapixfwsm

http://www.experts-exchange.com/Security/Software_Firewalls/Cisco_PIX_Firewall/Q_28128906.html

Thanks and Regards,

Vibhor Amrodia

New Member

I am unable to view

I am unable to view expertexchange. With DCE/RPC inspection on ASA, can I do away with dynamic port range?

1485
Views
0
Helpful
2
Replies
CreatePlease login to create content