Encrypted RPC and firewalling

[Lasse Birnbaum Jensen <lasse () sdu dk>]

hi all

I would like to know how you guys handle encypted rpc across firewalls. 

We utilize an ASA platform and the DCERPC inspection cant handle encrypted RPC (which is standard in most windows 2008 
and default in all communication in exchange 2010). Ciscos says: disable encryption or create "allow any" rules.

Do you limit the RPC port range on the windows systems and make "holes" in the firewall for these or do you disable RPC 
encryption ? 

Please share your knowledge in this area.

Best regards 

Lasse Birnbaum Jensen
Network administrator, IT-Service
University of Southern Denmark

Email: lasse () sdu dk

Attachment: smime.p7s
Description: