The Insecure Wire

a network engineers perspective

Monthly Archives: January 2019

Cisco ASA Dynamically open MS-RPC Ports

OK so this one is simple once you know how. TCP Port 135 (MS Remote Procedure Call Endpoint Mapper) requests high range ports > 1024 for Windows client / server networking. To allow this traffic across the ASA you need to pinhole the ports with the global policy map: policy-map type inspect dcerpc dcerpc_map parameters […]