JSI Tip 9811. How to configure RPC to use certain ports and how to help secure those ports by using IPsec?

Jerold Schulman

October 12, 2005

1 Min Read
ITPro Today logo in a gray background | ITPro Today


Microsoft Knowledge Base Article 908472 contains the following summary:

This article describes how to configure RPC to use a specific dynamic port range and how to help secure the ports in that range by using an Internet Protocol security (IPsec) policy. By default, RPC uses ports in the ephemeral port range (1024-5000) when it assigns ports to RPC applications that have to listen on a TCP endpoint. This behavior can make restricting access to these ports challenging for network administrators. This article discusses ways to reduce the number of ports available to RPC applications and how to restrict access to these ports by using a registry-based IPsec policy.

Because the steps in this article involve computer-wide changes that require the computer to be restarted, all these steps should be performed first in nonproduction environments to identify any application-compatibility issues that may occur as the result of these changes.



Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like