Community Member

DCE-RPC uuid oriented inspection ACL

Hi all, has anyone successfully applied an ACL for the MS-RPC service on an ASA or a FWSM? There are a lot of examples, but they seem to be generic parameters.

We are requested to do as some other manufacturers do, by specifying RPC access based on UUID (i.e., specify the RPC service authorized to pass through the firewall: only the MS-Exchange Directory Service, for example).

When I look at the latest FWSM or ASA software guide, nowhere is it specified that we can add or specify a UUID. I also looked at the optional info in the ASDM DCE inspection protocol and found nothing about UUID.

If someone has implemented it, is it possible to get additional documentation?

Thanks,

Gizmo

1 REPLY
Cisco Employee

Re: DCE-RPC uuid oriented inspection ACL

After 4.0 there was a dcerpc type policy-map that was introduced: http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/p.html#wp1705164

There you can set Pinhole Timeout, Endpoint-mapper, Endpoint-mapper service lookup, and Endpoint-mapper service lookup timeout.

I hope it helps.

PK
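
The settings named in the reply above, as an added configuration sketch that is not part of the original thread or taken from either poster. The map names, class name and timer values are assumptions chosen for illustration; it covers only the four parameters the reply lists.

```cisco
! Added example. DCERPC_MAP, DCERPC_EPM and all timer values are assumed.
!
! DCERPC inspection policy map holding the parameters listed in the reply
policy-map type inspect dcerpc DCERPC_MAP
 parameters
  ! Pinhole Timeout: lifetime of a dynamically opened pinhole
  timeout pinhole 0:10:00
  ! Endpoint-mapper: enforce the EPM service only, permit the
  ! service lookup operation, and set the service lookup timeout
  endpoint-mapper epm-service-only lookup-operation timeout 0:05:00
!
! Classify endpoint-mapper traffic on the well-known port
class-map DCERPC_EPM
 match port tcp eq 135
!
! Attach the inspection map to that class and apply the policy globally
policy-map global_policy
 class DCERPC_EPM
  inspect dcerpc DCERPC_MAP
!
service-policy global_policy global
```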
