ScreenOS Firewalls (NOT SRX)
Trusted Contributor
Posts: 23
Registered: ‎03-17-2009

Re: Application using DCOM

Hi Ante,


Do you know which packet (source IP, destination IP, source port, destination port) is dropped?


 From the debug I can see that both addresses and act as MSRPC servers since they both have communication from port 135. 


Traffic from as a client to as a server seems to pass OK as there are no dropps in the debugs.


The problem with this debug is that it does not catch traffic from to since is behind a VPN.  To catch also this communication flow filter needs to be extended it include all VPN communication. As it is not good to have all this info in a public forum maybe you can send me a PM or even better open a JTAC case.


But first please let me know which traffic is dropped?





Posts: 6
Registered: ‎08-17-2009

Re: Application using DCOM



The traffic that is blocked comes from, and the source ports are different each time I start the application.

Every time I run the application it tries to open three different ports, but it´s not the same three ports every time.

The destination port is different every time I run the application, but it´s always just one destination port every time the application is run.

Don´t know if this was a good explanation so to sum it up: every time the application is run there is three different source ports blocked and they all have the same destination port. The ports are all TCP.

JTAC case is opened.



Copyright© 1999-2015 Juniper Networks, Inc. All rights reserved.