Event Id | 20021 |
Source | DNS Intrusion Detection Filter |
Description | The published RPC service %1 cannot be reached. |
Event Information |
According to Microsoft : CAUSE : The RPC filter generates this alert when an RPC client tries to access the RPC server from or via ISA Server and the RPC server port mapper is not available. The alert parameters specify the sockaddr structure of the unreachable RPC server. RPC calls to the specified RPC server will not be served by the RPC filter in ISA Server. The RPC server may be unavailable for the following reasons: The RPC server is not available.There is no connectivity to the RPC server, due to network problems or wrong routing information.The RPC service does not use a port mapper to establish connection.The RPC server is not compliant with the RPC protocol.RPC traffic is blocked by a firewall. SOLUTION : Verify connectivity to the RPC server from the ISA Server computer.Check that the RPC server and the RPC service are up and running. (Best practice is to use local RPC client on the server).Check the routing table on the RPC client, on the ISA Server computer, and on the RPC server.Verify that traffic between the client and server can pass through ISA Server. |
Reference Links | Event id: 20021 Source id: DNS Intrusion Detection Filter |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.