OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: coppersphinx on October 05, 2020, 08:10:35 pm

Title: Dynamic port mapper for WMI/DCOM traffic
Post by: coppersphinx on October 05, 2020, 08:10:35 pm
Hi All,

For a project I am using a set of OPNsense firewalls.
Now we would like to limit the high port range of MS-RPC/DCOM traffic.
This traffic does a handshake on TCP/135 and then uses a high port between 49152 and 65535.

For the OPNsense firewall we are looking to dynamically open the ports and close them when the session is over. Unfortunately we cannot find this function.

In a FortiGate firewall this is called: DCE-RPC session helper
And in a Cisco ASA: DCE/RPC inspection

Does anybody know if this function is possible in an OPNsense firewall?

Thanks for possible input/answers

Title: Re: Dynamic port mapper for WMI/DCOM traffic
Post by: Purneau on March 15, 2021, 11:18:41 am
@coppersphinx
Any luck figuring this out?