Has anyone had any success in passing DCOM/COM through a PIX or any other firewall for that matter. I have one host (Web Server) in a DMZ off the PIX and the other host (Middle Tier)is inside. I have tried NAT'ing the (MIddle Tier) out to the DMZ and letting FULL IP connectivity to it. I have also tried NAT'ing the (Middle Tier) to itself out in the DMZ. (Example, static(inside,web_dmz) 192.168.1.1 192.168.1.1 ) I have seen this work sometimes when trying to NAT NetBios. From what I understand DCOM uses port 135/tcp,135/udp,137/tcp, and some high range ports. I have used Microsoft's utility called DCOMCNFG to narrow the ports down to 5500-5550. I see that the 2 hosts are using these ports, but connectivity and performance are extremly slow and not constant.
Youre probably going to have to put a sniffer on the wire to see whats happening. If you are translating to the same address, its not a NAT issue. There may be a problem with multi-homed servers or the protocol stack setup in the MS server. Sniffing the packets will help you determine whats going where and why.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...