SRX

? Hello

I was converting ScreenOS config to SRX. I found one application/service MS-RPC-EPM in screen OS, having ports - tcp and udp ports 135. This service/application was not converted by SRX conversion tool automatically. I was checking in SRX, the service junos-ms-rpc-epm and I found below.

#  Microsoft RPC EPM (End Point Mapper)
#
application junos-ms-rpc-epm {
    term t1 protocol tcp uuid e1af8308-5d1f-11c9-91a4-08002b14a0fa;
}
#

Someone can confirm, junos-ms-rpc-epm is equivalent to MS-RPC-EPM in screen OS? also Why there is not ports assign? is it normal

Any one?

as per KB12057, screen OS applicaion MS-RPC-EPM allows uuid e1af8308-5d1f-11c9-91a4-08002b14a0fa on protocol TCP/UDP port 135.

But the Junos application only specify TCP and not UDP.

set groups junos-defaults applications application junos-ms-rpc-epm term t1 protocol tcp
set groups junos-defaults applications application junos-ms-rpc-epm term t1 uuid e1af8308-5d1f-11c9-91a4-08002b14a0fa

I feel they are not same and I would recommend you creating a custom application

Hello Suraj

Thanks. Can you explain what is uuid e1af8308-5d1f-11c9-91a4-08002b14a0fa? there is no port 135

Basically UUID are used to identify the services running on server. So during RPC connection a client sends a UUID to server and server reponds with the Port number on which this UUID/Service is running. Then the client opens the connection to this Port number.

This UUID exchange usually happens on control connection made through TCP port 135, if we dont specify the TCP Port 135, the firewall will only check for the UUID and take action.

I hope this helps.