RPC

What can I do here?

Use this window to configure RPC general properties.

Getting Here

Object Explorer > New > Service > RPC

SunRPC Overview

What Background Information do I need to know...

RPC-based services do not use pre-defined port numbers. An RPC "connection" is structured as follows:

  1. The client queries the server (on port 111), asking for the port number associated with the program.
    • If the query is UDP, the Firewall examines the program number, and allows only those programs allowed by the security policy (in the Services column).
    • If the query is TCP, the Firewall drops the query, unless TCP on port 111 is explicitly allowed by the security policy.

      Note - Allowing TCP on port 111 is considered insecure, because the client can then run any available RPC program through this port.

  2. The server (portmapper) replies with the port number. The Firewall monitors the reply and opens only the specified port for the RPC traffic.
  3. The client connects to that port and the RPC "connection" continues.

Example:

Suppose the security policy allows RPC as follows:

| Source     | Destination | Service | Action |
|------------|-------------|---------|--------|
| RPC_Client | RPC_Server  | nfsprog | Accept |
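The UDP flow described above, written out as an added Python example (not Check Point code): it parses a portmapper GETPORT query, permits it only if the requested program number is in the policy, and reads the port to open from the matching reply. The function names are hypothetical, the mapping of nfsprog to program number 100003 is an assumption, and the sample datagrams are constructed.

```python
import struct

PMAP_PROG, PMAP_GETPORT = 100000, 3      # portmapper program / GETPORT procedure
CALL, REPLY = 0, 1                        # RPC message types
ALLOWED_PROGRAMS = {100003: "nfsprog"}    # assumed policy: the rule in the example above


def _skip_auth(buf, off):
    """Skip one opaque_auth field: flavor, length, body padded to 4 bytes."""
    _flavor, length = struct.unpack_from(">II", buf, off)
    return off + 8 + ((length + 3) & ~3)


def inspect_getport_call(datagram):
    """Return (xid, program) for a permitted UDP GETPORT query, else None (drop)."""
    try:
        xid, mtype, rpcvers, prog, _vers, proc = struct.unpack_from(">6I", datagram, 0)
        if (mtype, rpcvers, prog, proc) != (CALL, 2, PMAP_PROG, PMAP_GETPORT):
            return None
        off = _skip_auth(datagram, _skip_auth(datagram, 24))  # credentials, verifier
        wanted, _v, _proto, _port = struct.unpack_from(">4I", datagram, off)
    except struct.error:                  # truncated or malformed query
        return None
    return (xid, wanted) if wanted in ALLOWED_PROGRAMS else None


def port_from_reply(datagram, expected_xid):
    """Return the port to open from the portmapper reply, else None."""
    try:
        xid, mtype, reply_stat = struct.unpack_from(">3I", datagram, 0)
        if (xid, mtype, reply_stat) != (expected_xid, REPLY, 0):  # 0 = MSG_ACCEPTED
            return None
        accept_stat, port = struct.unpack_from(">II", datagram, _skip_auth(datagram, 12))
    except struct.error:
        return None
    return port if accept_stat == 0 and 0 < port < 65536 else None


def sample_call(xid, program):            # constructed sample, AUTH_NONE cred/verifier
    return struct.pack(">10I", xid, CALL, 2, PMAP_PROG, 2, PMAP_GETPORT, 0, 0, 0, 0) \
        + struct.pack(">4I", program, 3, 17, 0)   # version 3, protocol 17 (UDP)


def sample_reply(xid, port):              # constructed sample
    return struct.pack(">7I", xid, REPLY, 0, 0, 0, 0, port)


if __name__ == "__main__":
    print(inspect_getport_call(sample_call(7, 100003)), port_from_reply(sample_reply(7, 2049), 7))
```

A reply carrying port 0 means the program is not registered with the portmapper, so no port is opened.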

RPC

Tell me about the fields...