https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87428#M17596 <P><FONT face="Calibri" size="3">RPC traffic on port 135 getting blocked on Checkpoint firewall intermittently. Getting error “Blocked MS-RPC non compliant version”.</FONT></P><P><FONT face="Calibri" size="3"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="M3.jpg" style="width: 754px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/6364i3E91201FD15A0166/image-size/large?v=v2&amp;px=999" role="button" title="M3.jpg" alt="M3.jpg" /></span></FONT></P> Fri, 05 Jun 2020 13:08:55 GMT Prime 2020-06-05T13:08:55Z https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87428#M17596 <P><FONT face="Calibri" size="3">RPC traffic on port 135 getting blocked on Checkpoint firewall intermittently. Getting error “Blocked MS-RPC non compliant version”.</FONT></P><P><FONT face="Calibri" size="3"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="M3.jpg" style="width: 754px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/6364i3E91201FD15A0166/image-size/large?v=v2&amp;px=999" role="button" title="M3.jpg" alt="M3.jpg" /></span></FONT></P> Fri, 05 Jun 2020 13:08:55 GMT https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87428#M17596 Prime 2020-06-05T13:08:55Z https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87454#M17601 <P><SPAN>We noticed this issue today. Server is unable to connect to the domain controller from last 3 days.</SPAN></P><P><SPAN>After changing the inspection configuration for Non compliant MS RPC to accept, we now see one packet allowed and one packet denied with same error.</SPAN></P><P><SPAN>&nbsp;</SPAN><SPAN>R80.10</SPAN><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="sccm error.PNG" style="width: 666px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/6365i9A95D20C4A9AAA8D/image-size/large?v=v2&amp;px=999" role="button" title="sccm error.PNG" alt="sccm error.PNG" /></span></P> Fri, 05 Jun 2020 19:06:01 GMT https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87454#M17601 Prime 2020-06-05T19:06:01Z https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87455#M17602 <P><a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/43914">@Prime</a>&nbsp;</P> <P>did you create recently the new service „TCP_135“ and used them in your policy?</P> <P>It‘s better to use the default „ALL_DCE_RPC“-service for Microsoft connections on port tcp/135.</P> <P>Follow&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.SearchResultMainAction&amp;eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk65676" target="_blank" rel="noopener">DCE-RPC traffic is dropped on High Ports</A>&nbsp;, I think this should help.</P> <P>Wolfgang</P> Fri, 05 Jun 2020 19:52:51 GMT https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87455#M17602 Wolfgang 2020-06-05T19:52:51Z https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87461#M17604 Will the use of a DCE/RPC service will stop SecureXL's ? Fri, 05 Jun 2020 22:54:22 GMT https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87461#M17604 Prime 2020-06-05T22:54:22Z https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87467#M17607 <P>Consider the rule placement per&nbsp;<SPAN>sk32578&nbsp;</SPAN></P> Sat, 06 Jun 2020 02:12:09 GMT https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87467#M17607 Chris_Atkinson 2020-06-06T02:12:09Z https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87468#M17608 <P>Use of a DCE/RPC service in a rule will stop SecureXL Accept templating but not affect whether or how the traffic can be accelerated.&nbsp; So try to place the rule permitting DCE/RPC as far down as possible in your rule base.</P> Sat, 06 Jun 2020 02:17:21 GMT https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87468#M17608 Timothy_Hall 2020-06-06T02:17:21Z https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87577#M17635 Error:-Blocked MS-RPC non compliant version<BR />we followed SK66605 file in order to resolve the issue.<BR /><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk66605&amp;partition=Advanced&amp;product=Security" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk66605&amp;partition=Advanced&amp;product=Security</A><BR /><BR />Edited the $FWDIR/lib/table.def file<BR /><BR /><BR /><BR />fw_dcerpc_map_ports = { &lt;135&gt; };<BR />to<BR />fw_dcerpc_map_ports = { };<BR /><BR /><BR /><BR />&gt;&gt;&gt;We disabled the extra rule which was used for per-defined service DCERPC.<BR /><BR />&gt;&gt;&gt;Post that pushed the policy, Traffic started to work and able to join the domain. Mon, 08 Jun 2020 08:09:54 GMT https://community.checkpoint.com/t5/General-Topics/RPC-traffic-on-port-135-getting-blocked-on-Checkpoint-firewall/m-p/87577#M17635 Prime 2020-06-08T08:09:54Z