Re: [j-nsp] JUNOS and MS RPC

2011-04-13 Thread Glenn Krutsinger
Clarke, Thanks for the examples. My first thought was to build custom UUID applications, but I soon decided that wasn't an option. MS can't even provide a accurate list of UUID's, without going to the individual product teams. Managing the list, with MS' almost whimsical approach to standards and

Re: [j-nsp] JUNOS and MS RPC

2011-04-13 Thread Pavel Lunin
Is anyone running MS products through SRX firewalls? How are you getting RPC to work? According to engineering, the ScreenOS "ms-rpc-any" isn't included in JUNOS, although, I do see the ALG catching the info based off of endpoint mapper sessions. [….] Supposedly, according to JTAC, there are

Re: [j-nsp] JUNOS and MS RPC

2011-04-13 Thread Clarke Morledge
Glenn said: Is anyone running MS products through SRX firewalls? How are you getting RPC to work? According to engineering, the ScreenOS "ms-rpc-any" isn't included in JUNOS, although, I do see the ALG catching the info based off of endpoint mapper sessions. ---

Re: [j-nsp] JUNOS and MS RPC

2011-04-03 Thread OBrien, Will
ot; mailto:routeh...@gmail.com>> > Date: Sat, 2 Apr 2011 15:38:22 -0600 > To: Glenn Krutsinger > mailto:gkrutsin...@compassion.com>> > Cc: "juniper-nsp@puck.nether.net<mailto:juniper-nsp@puck.nether.net>" > mailto:juniper-nsp@puck.nether.net>> &g

Re: [j-nsp] JUNOS and MS RPC

2011-04-03 Thread Glenn Krutsinger
.@compassion.com>> Cc: "juniper-nsp@puck.nether.net<mailto:juniper-nsp@puck.nether.net>" mailto:juniper-nsp@puck.nether.net>> Subject: Re: [j-nsp] JUNOS and MS RPC I've got two sets of SRX3400 clusters, and the ALGs should come with: caveat emptor. Nice on paper

Re: [j-nsp] JUNOS and MS RPC

2011-04-02 Thread OBrien, Will
Agreed. ALGs seem to always cause headaches. Turn them off and pretend they don't exist and you'll be better off. (Think of them like that crazy guy/girl you wanted to date in High School... Same thing really.) On Apr 2, 2011, at 4:38 PM, Scott T. Cameron wrote: > I've got two sets of SRX3400

Re: [j-nsp] JUNOS and MS RPC

2011-04-02 Thread Scott T. Cameron
I've got two sets of SRX3400 clusters, and the ALGs should come with: caveat emptor. Nice on paper and very similar to Linux conntrack modules, but in reality the rule of thumb is it's better to have them disabled. In the case of Microsoft, their technical papers will say your firewall should all

[j-nsp] JUNOS and MS RPC

2011-04-02 Thread Glenn Krutsinger
Hello all, Is anyone running MS products through SRX firewalls? How are you getting RPC to work? According to engineering, the ScreenOS "ms-rpc-any" isn't included in JUNOS, although, I do see the ALG catching the info based off of endpoint mapper sessions. Add to that the fact that MS changed