Cisco ASA 5505 Configuration Manual page 896

Asa 5500 series

DCERPC Inspection
This typically involves a client querying a server called the Endpoint Mapper (EPM), listening on a
well-known port number, for the dynamically allocated network information of a required service. The
client then sets up a secondary connection to the server instance providing the service. The security
appliance allows the appropriate port number and network address and also applies NAT, if needed, for
the secondary connection.
DCERPC inspection maps inspect native TCP communication between the EPM and the client on
well-known TCP port 135. Map and lookup operations of the EPM are supported for clients. The client and
server can be located in any security zone. The embedded server IP address and port number are received
from the applicable EPM response messages. Since a client may attempt multiple connections to the server
port returned by the EPM, multiple use of pinholes is allowed, and the pinholes have user-configurable
timeouts.
Note
DCERPC inspection only supports communication between the EPM and clients to open pinholes
through the adaptive security appliance. Clients using RPC communication that does not use the EPM are
not supported with DCERPC inspection.
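The pinhole behavior described above, as an added example that is not part of the Cisco manual: it parses the endpoint "tower" an EPM map response carries, extracts the embedded server IP address and TCP port, and models a pinhole that can be used repeatedly until its timeout. The floor layout follows the standard DCE/RPC tower encoding (the NDR wrapper around the tower is skipped); the `PinholeTable` class, its per-client keying, the sample addresses and the timeout value are assumptions made for illustration, not the appliance's implementation.

```python
import ipaddress
import struct

def build_floor(lhs, rhs):
    """One tower floor: LE16 length + LHS, then LE16 length + RHS."""
    return struct.pack("<H", len(lhs)) + lhs + struct.pack("<H", len(rhs)) + rhs

def parse_tower(tower):
    """Return (ip, port) from the IP (0x09) and TCP (0x07) floors, else None."""
    if len(tower) < 2:
        return None
    (count,) = struct.unpack_from("<H", tower, 0)
    off, ip, port = 2, None, None
    for _ in range(count):
        fields = []
        for _side in range(2):  # left-hand side, then right-hand side
            if off + 2 > len(tower):
                return None
            (n,) = struct.unpack_from("<H", tower, off)
            off += 2 + n
            if off > len(tower):
                return None  # truncated floor: open nothing
            fields.append(tower[off - n:off])
        lhs, rhs = fields
        if lhs[:1] == b"\x07" and len(rhs) == 2:
            (port,) = struct.unpack(">H", rhs)
        elif lhs[:1] == b"\x09" and len(rhs) == 4:
            ip = str(ipaddress.IPv4Address(rhs))
    return (ip, port) if ip and port else None

class PinholeTable:
    """Simplified model (assumption): a pinhole is reusable until it times out."""
    def __init__(self, timeout_s):
        self.timeout_s, self.expiry = timeout_s, {}
    def open_from_epm(self, client, tower, now):
        target = parse_tower(tower)
        if target is not None:
            self.expiry[(client, *target)] = now + self.timeout_s
        return target is not None
    def permits(self, client, ip, port, now):
        return self.expiry.get((client, ip, port), 0) > now

# Constructed sample: two UUID floors, RPC floor, TCP port floor, IP floor.
SAMPLE_TOWER = struct.pack("<H", 5) + b"".join([
    build_floor(b"\x0d" + bytes(18), b"\x00\x00") * 2,
    build_floor(b"\x0b", b"\x00\x00"),
    build_floor(b"\x07", struct.pack(">H", 49155)),
    build_floor(b"\x09", ipaddress.IPv4Address("192.0.2.10").packed),
])
```

Only the address and port taken from a well-formed EPM response are permitted, which is why the Note above matters: RPC traffic that never consults the EPM produces no pinhole.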
Select DCERPC Map
The Select DCERPC Map dialog box lets you select or create a new DCERPC map. A DCERPC map
lets you change the configuration values used for DCERPC application inspection. The Select DCERPC
Map table provides a list of previously configured maps that you can select for application inspection.
Fields
Use the default DCERPC inspection map—Specifies to use the default DCERPC map.
Select a DCERPC map for fine control over inspection—Lets you select a defined application
inspection map or add a new one.
Add—Opens the Add Policy Map dialog box for the inspection.
Modes
The following table shows the modes in which this feature is available:
Table columns: Firewall Mode (Routed, Transparent); Security Context (Single; Multiple: Context, System)
DCERPC Inspect Map
The DCERPC pane lets you view previously configured DCERPC application inspection maps. A
DCERPC map lets you change the default configuration values used for DCERPC application
inspection.
DCERPC is a protocol widely used by Microsoft distributed client and server applications that allows
software clients to execute programs on a server remotely.
Chapter 40
Configuring Inspection for Management Application Protocols
Cisco ASA 5500 Series Configuration Guide using ASDM
40-2
OL-20339-01


This manual is also suitable for:

ASA 5510, ASA 5540, ASA 5520, ASA 5550, ASA 5580
