
    Better logging & RPC Traffic

    • jimp Rebel Alliance Developer Netgate

      A packet capture can't know what was passed or blocked; it only shows packets received on the wire.

      The firewall log would show passes/blocks provided that you have your firewall rules all set to log (including the default deny rule controlled by the checkbox on the log settings tab).

      • jimp

        This may help:
        http://support.microsoft.com/kb/224196

        • boomam

          Thanks, but I've read that link before, no help.

          The following shows that 135 & "random high TCP ports" are used for cert services. Unfortunately I'm not sure how I'd go about setting them to specific ports.
          http://technet.microsoft.com/en-us/library/cc875824.aspx

          This:
          http://social.technet.microsoft.com/wiki/contents/articles/1559.how-to-configure-a-static-dcom-port-for-ad-cs.aspx
          Seems to imply that I can force the ports to certain numbers… I'll try it in a test lab, see if it breaks anything.

          I suppose at that point if I've got it on a specific port range and that range is allowed both LAN side and OpenVPN side on BOTH PFs, then that's PF out of the equation then, isn't it?

          • jimp

            Yes, it would appear to be the case.

            • boomam

              As an update:

              I THINK I've resolved this… wasn't pfSense causing this at all, it was TMG.

              "strict RPC compliance" was on. Turn it off, and thus far, works fine, as well as fixing a few other minor issues which I assume use RPC or DCOM.

              I'm still testing but it'll be hilarious if a protocol that MS products rely on to work, is "broken" by an MS product too. :p

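An added example, not written by any poster in this thread and not pfSense's own code: one way to use the firewall log, as advised above, to check whether pf passed or blocked RPC traffic (TCP 135 plus the "random high TCP ports"). It assumes the raw comma-separated filter log format of current pfSense releases and the default Windows dynamic port range 49152-65535; the sample lines, addresses and tracker ids are constructed.

```python
import csv
from collections import Counter

EPMAP_PORT = 135                     # RPC endpoint mapper, the port named in the thread
DYNAMIC_PORTS = range(49152, 65536)  # assumption: default Windows dynamic RPC range

# Constructed sample entries (filterlog payload only, syslog prefix stripped).
SAMPLE_LOG = """\
5,,,1000000103,ovpns1,match,block,in,4,0x0,,127,4021,0,DF,6,tcp,52,10.8.0.6,192.168.1.20,50122,135,0,S,301,,8192,,mss
71,,,1770001234,ovpns1,match,pass,in,4,0x0,,127,4022,0,DF,6,tcp,52,10.8.0.6,192.168.1.20,50123,135,0,S,302,,8192,,mss
5,,,1000000103,ovpns1,match,block,in,4,0x0,,127,4023,0,DF,6,tcp,52,10.8.0.6,192.168.1.20,50124,49155,0,S,303,,8192,,mss
5,,,1000000103,em0,match,block,in,4,0x0,,64,99,0,none,17,udp,78,192.168.1.9,192.168.1.255,137,137,58
71,,,1770001234,ovpns1,match,pass,in,4,0x0,,127,4025,0,DF,6,tcp,52,10.8.0.6,192.168.1.20,50125,443,0,S,304,,8192,,mss
"""

def classify_port(port):
    """Label a destination port as endpoint mapper, dynamic RPC, or neither."""
    if port == EPMAP_PORT:
        return "epmap"
    if port in DYNAMIC_PORTS:
        return "dynamic"
    return None

def rpc_verdicts(log_text):
    """Count (action, port class, src, dst) for IPv4 TCP entries aimed at RPC ports."""
    counts = Counter()
    for f in csv.reader(log_text.splitlines()):
        # Field 6 = action, 8 = IP version, 16 = protocol, 18/19 = src/dst, 21 = dst port.
        if len(f) < 22 or f[8] != "4" or f[16] != "tcp" or not f[21].isdigit():
            continue
        kind = classify_port(int(f[21]))
        if kind:
            counts[(f[6], kind, f[18], f[19])] += 1
    return counts

def blocked_rpc(log_text):
    """Only the entries where pf itself dropped the RPC connection attempt."""
    return {k: n for k, n in rpc_verdicts(log_text).items() if k[0] == "block"}

if __name__ == "__main__":
    for (action, kind, src, dst), n in sorted(rpc_verdicts(SAMPLE_LOG).items()):
        print(f"{action:5} {kind:7} {src} -> {dst} x{n}")
```

An empty result from `blocked_rpc` only rules out pf if every rule, including the default deny, is set to log.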