Good day everyone,

Recently, I installed SP1 on some domain controllers and ran into an issue where Microsoft changed RPC data with SP1, and firewalls such as Microsoft's own ISA Server as well as Check Point have started to randomly block this data. They have both offered up a fix for the issue, but I have also had the same issue with OpenBSD PF.
I am running OpenBSD 3.5 on some firewalls and OpenBSD 3.8 on others and seem to have this issue. Anyhow, I was just wondering if anyone else experienced this and if they know what could fix it. I allow all traffic using ISAKMPD to flow between my locations' VPN; thus, PF shouldn't be blocking, but my failures happen with Windows 2003 Domain Controllers ONLY running SP1, and checking into it, as mentioned, it's a known issue for other firewalls.

Any suggestions would be great. I have uninstalled SP1 where the OS allowed us to do so. Also, rebooting the DCs seems to address the issue for a while as well.

Thanks again for everything OpenBSD :)

James Mackinnon