I just replaced firewalls/MPLS at a 7-site doctor's office. I copied the rules on their old units and all other PCs are still connected to their domain & working fine after replacing the equipment. The data vendor for the doctor's office unjoined a PC from the domain & could not join it back, so he asked me to allow TCP/UDP port range 1025-65535 for RPC. The domain is not at the site where this PC is trying to connect but at their corporate location. Here are my reservations with his request as well as the issue with this 1 PC.
A) Since the other PCs never disconnected from the domain & can access remote files on the remote Windows server, this problem cannot be due to the new firewall config or they would all be disconnected.
B) The port range I was asked to allow makes a firewall pretty much useless to their HIPAA environment. I have an Implicit Deny both inbound & outbound so the range bothers me.
Is my thinking correct here? Should I even ask? lol