RPC High Ports

Hello,
We are migrating from Win 2003 R2 DC infra to Win 2012 R2. I have the following registry entries configured on the Win 2003 R2 DC.
RPC dynamic port allocation - KB154596 (only allow ports 10002 - 10200 for RPC from other machines)
Locate and then click the following key in the registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\
Create a New Key = Internet
Locate and then click the following key in the registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet\
Add the values
"Ports" (MULTI_SZ) = 10002-10200
"PortsInternetAvailable" (REG_SZ) = Y
"UseInternetPorts" (REG_SZ) = Y
I wonder whether such a registry requirement exists for Win 2012 R2 as well?

Hi,
I didn't find any documented information. But personally I think this will still work.
I recommend you test it before deploying. If you have any problem during the test, please feel free to let us know.
Thank you.

Similar Messages

  • IPS and IDS- ARP Inbalance-of-Requests and TCP High Port Sweep

    Does anybody know about the ARP Inbalance-of-Requests and TCP High Port Sweep IPS signatures? We've been receiving numerous alerts with this kind of signature in the IPS.
    Actually, I'm planning to tune these events in the IPS and I really need your input on whether it is safe to tune. Based on my investigation, most of the source and destination IPs are internal to our network (e.g. servers, workstations and other devices).
    I think this is false positive incidents...
    Best regards,
    Carlou

    This will be a normal signature to see triggered if you are watching outbound traffic from your internal network. As long as the source of the traffic is your internal hosts, and the destination is external hosts, this is likely just normal behavior.
    This signature triggers when a single host sends TCP SYN packets to a number of different hosts, perhaps because of multiple web sessions going, or pop-up windows while web surfing.
    Check this bug-id:CSCsh94361

  • Issue with high ports

    Hi,
    One of my RAC has a very different behaviour as compared to the others. When using netstat -an, it seems that in Node 1, the application is connecting into the instance via 1521, which is normal. However, in Node 2, the application is connecting into the Node 2 instance via high ports. E.g. as follows:
    10.251.2.75 = Physical IP of DB1
    10.251.2.77 = Physical IP of DB2
    10.251.30.125 = IP Add of Application Server
    [All firewalls are opened]
    [oracle@RAC-DB-1 ~]$ netstat -an|grep 10.251.30.
    tcp 0 0 10.251.2.75:1521 10.251.30.125:46192 ESTABLISHED
    tcp 0 0 10.251.2.75:1521 10.251.30.125:45502 ESTABLISHED
    tcp 0 0 10.251.2.75:1521 10.251.30.125:46320 ESTABLISHED
    tcp 0 0 10.251.2.75:1521 10.251.30.125:44280 ESTABLISHED
    tcp 0 0 10.251.2.75:1521 10.251.30.125:45803 ESTABLISHED
    tcp 0 0 10.251.2.75:1521 10.251.30.125:59092 ESTABLISHED
    tcp 0 0 10.251.2.75:1521 10.251.30.125:45779 ESTABLISHED
    [oracle@RAC-DB-2 ~]$ netstat -an|grep 10.251.30.
    tcp 0 0 10.251.2.77:17980 10.251.30.125:40761 ESTABLISHED
    tcp 0 0 10.251.2.77:17980 10.251.30.125:44282 ESTABLISHED
    tcp 0 0 10.251.2.77:17980 10.251.30.125:44287 ESTABLISHED
    tcp 0 0 10.251.2.77:17980 10.251.30.125:45805 ESTABLISHED
    tcp 0 0 10.251.2.77:17981 10.251.30.125:45781 ESTABLISHED
    tcp 0 64 10.251.2.77:17981 10.251.30.125:42914 ESTABLISHED
    Is this a normal situation? Anyway to investigate?
    Thanks!
    EB

    Is this a normal situation? That would depend on your definition of normal situation. ;-)
    It does seem strange that the application (exactly what is it and how does it connect to the RAC and what TNS parameters does it use?) behaves differently when using node 1 versus node 2.
    Never really looked at it, but perhaps this is due to a listener hand off from node 1 to node 2 for load-balancing or similar? Or a Java shared pool configuration issue of sorts (different pool configs for the different RAC nodes)?
    Anyway to investigate? Most definitely yes IMO. Three major reasons. Firewalling, network management and traffic shaping. All these have the same requirement. You want to deal with well known and official ports. Not private port ranges that are dynamically negotiated between client and server.

  • Configuring RPC dynamic port allocation

    I'm getting RPC errors to a Windows 2003 server:
    0x800706ba
    Win32
    The RPC server is unavailable
    I've verified the RPC, TCP/IP Netbios Helper, Windows management Instrument services are started on the 2003 box. From the same 2003 box I am able to run wmimgmt.msc and view its WMI properties. However, I get the RPC error above when I run the WBEMTEST from a client on another domain. I also get the same error when I run wmimgmt.msc using the same remote client to access the 2003 box. I came across the Microsoft KB: https://support.microsoft.com/en-us/kb/154596
    Would I just configure that port range on the 2003 box's registry? At this point I'm leaning that maybe it's a firewall issue but not sure.

    Hello,
    first check with the article
    https://technet.microsoft.com/en-us/library/dd772723%28WS.10%29.aspx?f=255&MSPPError=-2147217396 that all AD required ports are open.
    Best regards
    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://blogs.msmvps.com/MWeber
    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

  • Can I fix the mountd RPC network port?

    Like many organisations we run internal firewalls.  This creates a problem when attempting to automount using the -hosts indirect map under /net because although we can open ports 2049 and 111 we have no idea what port the portmapper/rpc will dish out to mountd in advance.  Therefore we get the following type of exchange:
         loghost -> pandora      TCP D=34821 S=32877 Rst Seq=2202926385 Len=0 Win=49640
         loghost -> pandora      PORTMAP C GETPORT prog=100005 (MOUNT) vers=1 proto=TCP
         pandora -> loghost      PORTMAP R GETPORT port=34821
         loghost -> pandora      TCP D=34821 S=32878 Syn Seq=2222760873 Len=0 Win=49640 Options=<mss 1460,nop,wscale 0,nop,nop,sackOK>
         loghost -> pandora      TCP D=34821 S=32878 Syn Seq=2222760873 Len=0 Win=49640 Options=<mss 1460,nop,wscale 0,nop,nop,sackOK>
         loghost -> pandora      TCP D=34821 S=32878 Syn Seq=2222760873 Len=0 Win=49640 Options=<mss 1460,nop,wscale 0,nop,nop,sackOK>
    What we see here is the client asking the portmapper for the port number for MOUNT (prog 10005) and the GETPORT request returning 34821.  The client dutifully attempts to connect on the given port, but of course gets stamped on by the firewall.  We see repeated attempts to open the TCP connection, but no reply.
    What I need to know, categorically, is this;  Can I force the mountd program to use a fixed port in Solaris 10 update 10 ???  
    I've searched extensively in the usual places, I've read through the Oracle documentation and the closest I've found is this: 
    Mounting File Systems - System Administration Guide: Network Services
    Which doesn't talk about the automounter.
    This is possible in Linux:
    https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/s2-nfs-nfs-firewall-config.html
    But it doesn't seem possible in Solaris.
    Anyone got any ideas or able to confirm that this is indeed, not possible?   If it isn't possible then my only option is to open the firewall for all ports between the hosts in question.  That will require some lengthy discussions with our network people.
    Thanks in advance,
    Paul.
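
The GETPORT exchange in the trace above, worked through in code as an added example (not part of the original post): it encodes the portmapper query for MOUNT (program 100005, version 1, TCP), decodes a reply, and checks the returned port against a firewall that admits only 111 and 2049. Function names are illustrative, and the reply bytes are constructed to match the trace, not captured.

```python
import struct

# ONC RPC / portmapper constants (RFC 5531, RFC 1833)
PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT = 100000, 2, 3
MOUNT_PROG = 100005
IPPROTO_TCP = 6
CALL, REPLY = 0, 1
RPC_VERSION = 2
MSG_ACCEPTED, SUCCESS = 0, 0
AUTH_NONE = 0


def build_getport_call(xid, prog, vers, proto):
    """Encode 'which port serves prog/vers over proto?' as an RPC call."""
    header = struct.pack(">6I", xid, CALL, RPC_VERSION,
                         PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT)
    auth = struct.pack(">4I", AUTH_NONE, 0, AUTH_NONE, 0)  # empty credential + verifier
    args = struct.pack(">4I", prog, vers, proto, 0)        # port field is unused in a query
    return header + auth + args


def build_getport_reply(xid, port):
    """Encode the portmapper's accepted reply carrying the port number."""
    return struct.pack(">7I", xid, REPLY, MSG_ACCEPTED,
                       AUTH_NONE, 0, SUCCESS, port)


def parse_getport_reply(data, expected_xid):
    """Return the port from a GETPORT reply; raise ValueError if malformed."""
    if len(data) < 20:
        raise ValueError("reply too short")
    xid, mtype, reply_stat, _flavor, verf_len = struct.unpack(">5I", data[:20])
    if xid != expected_xid or mtype != REPLY:
        raise ValueError("not the reply to our call")
    if reply_stat != MSG_ACCEPTED:
        raise ValueError("call was rejected")
    offset = 20 + ((verf_len + 3) // 4) * 4   # verifier body is padded to 4 bytes
    if len(data) < offset + 8:
        raise ValueError("reply truncated")
    accept_stat, port = struct.unpack(">2I", data[offset:offset + 8])
    if accept_stat != SUCCESS:
        raise ValueError("portmapper returned an error status")
    return port


def tcp_record(payload):
    """Over TCP, each RPC message is prefixed with a record mark:
    the last-fragment bit plus the fragment length."""
    return struct.pack(">I", 0x80000000 | len(payload)) + payload


def mount_through_firewall(reply_bytes, xid, allowed_ports):
    """Decode the reply and report what the firewall does with the follow-up SYN."""
    port = parse_getport_reply(reply_bytes, xid)
    if port == 0:
        return port, "not registered"   # portmapper answers 0 for an unknown program
    return port, ("allowed" if port in allowed_ports else "dropped")


if __name__ == "__main__":
    xid = 0x5EED0001                      # constructed transaction id
    call = build_getport_call(xid, MOUNT_PROG, 1, IPPROTO_TCP)
    reply = build_getport_reply(xid, 34821)   # constructed; port taken from the trace
    print(len(call), "byte call:", call.hex())
    print(mount_through_firewall(reply, xid, allowed_ports={111, 2049}))
```

The port in the reply is chosen by the server at registration time, which is why a static allow-list of 111 and 2049 cannot anticipate it.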

    Hello venom57934,
    Oh man! I’m sorry to hear that. We continue to offer hardware repair and service options for the iPod classic 160 GB (Late 2009), with a few other models still supported to our California customers. If this is your model, the following link should help you get started with the repair process. Included, you will find information on topics pricing and frequently asked questions:
    Apple - Support - Service Answer Center
    http://www.apple.com/support/ipod/service/faq/
    If you need help identifying the model of your iPod refer to this article:
    Identifying iPod models - Apple Support
    http://support.apple.com/en-us/ht1353
    Cheers,
    Matt M.

  • RPC transient port query

    Hello everyone
    RFC1050 that describes RPC names a block of RPC numbers that is used for "applications that dynamically assign RPC numbers".
    RPC port mapper is used to find the TCP or UDP port of an application by its number.
    Is there a similar possibility to get the RPC application number (on a foreign computer) by its name?
    Use case: For "smaller applications" it is not required to register an RPC number nor to use the "user block" which may be used by other applications. Instead an application can be found by its name.
    Martin

    Thank you.
    However I found out that "rpcinfo" only reads the numbers of the other host and queries the names from the local configuration files.
    Maybe there is no possibility to do this, yet. So I'll write an Internet draft document to propose a possibility to do this.
    Martin

  • Client installation is not successful & not showing activity in SCCM Server 2012

    Environment: SCCM Server 2012 configured successfully, and clients installed using the client push method completed successfully. I have seen them Active, and pushed software to the corresponding clients, which installed successfully.
    We have internal and external networks in our environment. The internal network is in the data center, and the SCCM server is also in the data center. All client systems in the internal network are getting software from SCCM (done successfully).
    I have opened ports 135, 139, 80, 443, 445, etc. (TCP, UDP) in the firewall.
    When I am trying to push the client from the SCCM server to an external network client system, it is not installing the CCM setup and is not showing "Active" in the SCCM server.
    I have added an account in Client push, and added the same account to the client system Administrator group.
    Info: All systems in Device collection
    Please share your suggestions to solve this issue.
    Thanks in advance 

    Client push requires more than just those handful of ports as it uses RPC and SMB to push the initial required files -- thus, you need to open the dynamic high ports required for RPC.
    You can easily see this activity in the ccm.log. If you are unable/unwilling to open the RPC high ports, then you should choose an alternate client install method.
    Jason | http://blog.configmgrftw.com

  • Active Directory RPC Ports - Server 2012 R2

    Hi,
    My networking team are looking to restrict the ports from clients to Domain Controllers. 
    They have opened the following ports:
    TCP and UDP 389
    TCP 636
    TCP 3268
    TCP 3269
    TCP and UDP 88
    TCP and UDP 53
    TCP and UDP 445
    UDP 123
    TCP and UDP 464
    UDP 138
    TCP 9389
    UDP 137
    TCP 139
    TCP/UDP 49152 - 65535
    The question is do we need all of the TCP/UDP RPC Ports (49152 - 65535)? We are running Exchange and Lync. I have found articles (http://support.microsoft.com/kb/224196) which suggest I can use a static port but am concerned what impact this will have on services.
    Any help greatly appreciated.

    No you do not need all the high ports open and you can restrict them and be perfectly fine.
    We restrict our high ports to a range of 50,000-51,000
    This is the article we use below:
    http://support.microsoft.com/kb/300083
    Obviously you can't click on Start in 2012 so if you move the mouse to the lower right and then click search you can search and find Component Services. You can also find it in the Administrative Tools.
    Hope this helps!

  • Can you configure a static port to use with certsrv.msc?

    I am trying to use certsrv.msc to connect from my workstation to the CA for administration purposes.  Workstation is Win7, CA is 2008 R2 Enterprise running Enterprise Subordinate on a dedicated box.
    I configured a static DCOM port for certsvc by following this article, including bouncing the service and also rebooting the CA box:
    http://social.technet.microsoft.com/wiki/contents/articles/1559.how-to-configure-a-static-dcom-port-for-ad-cs.aspx
    The static port was opened in the firewall from my workstation to the CA.  We also found that TCP 445 was required, so that has been opened as well, port 135 & other ports normally needed for autoenrollment should be open.  Sniffing the firewall showed that a random high numbered port that is not the static dcom port is being attempted - this is the only port showing dropped packets & no traffic on the static port.
    I am wondering if there is a way to configure a static port for this high-level random port to use with certsrv.msc as I was able to do with the certsvc dcom port?  I am trying to avoid having tens of thousands of network ports wide open going to my CA...  Thanks in advance!

    Hi Steve,
    I am sorry that I wasn’t able to find references about restricting certificate services only use one port in the random port range.
    However, we can configure RPC dynamic ports allocation to restrict port range. In the meantime, we should keep at least 100 ports open to keep necessary system services running.
    More information for you:
    How to configure RPC dynamic port allocation to work with firewalls
    http://support.microsoft.com/kb/154596/en-us
    Service overview and network port requirements for Windows
    http://support.microsoft.com/kb/832017/en-au
    Firewall Rules for Active Directory Certificate Services
    http://blogs.technet.com/b/pki/archive/2010/06/25/firewall-roles-for-active-directory-certificate-services.aspx
    Best Regards,
    Amy Wang
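
An added example (not from any poster in these threads) that audits an RPC `Ports` value such as the `10002-10200` entry from the first thread against a firewall allow-list, applying the "at least 100 ports" advice from the reply above. The function names and the sample firewall rules are assumptions made for illustration; the default dynamic ranges are the ones quoted on this page.

```python
# Default dynamic RPC ranges as quoted in the threads on this page.
DEFAULT_RANGES = {"2000/2003": (1024, 5000), "2008 and later": (49152, 65535)}
MIN_PORTS = 100  # minimum number of ports suggested in the reply above


def merge(ranges):
    """Sort inclusive (lo, hi) ranges and merge overlapping or adjacent ones."""
    merged = []
    for lo, hi in sorted(ranges):
        if merged and lo <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], hi))
        else:
            merged.append((lo, hi))
    return merged


def parse_ports_value(entries):
    """Parse the MULTI_SZ strings: each is one port ('5984') or an
    inclusive range ('10002-10200'). Raises ValueError on bad input."""
    ranges = []
    for entry in entries:
        if not entry.strip():
            continue
        lo_s, sep, hi_s = entry.partition("-")
        lo = int(lo_s)
        hi = int(hi_s) if sep else lo
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"invalid port range: {entry!r}")
        ranges.append((lo, hi))
    return merge(ranges)


def subtract(ranges, covering):
    """Parts of `ranges` not covered by `covering` (both sorted and merged)."""
    gaps = []
    for lo, hi in ranges:
        cur = lo
        for c_lo, c_hi in covering:
            if c_hi < cur:
                continue
            if c_lo > hi:
                break
            if c_lo > cur:
                gaps.append((cur, c_lo - 1))
            cur = c_hi + 1
            if cur > hi:
                break
        if cur <= hi:
            gaps.append((cur, hi))
    return gaps


def audit(ports_value, firewall_allow):
    """Compare the server's RPC port range with what the firewall admits."""
    rpc = parse_ports_value(ports_value)
    allowed = merge(firewall_allow)
    defaults = merge(DEFAULT_RANGES.values())
    # Default dynamic ports the firewall still admits ...
    defaults_open = subtract(defaults, subtract(defaults, allowed))
    count = sum(hi - lo + 1 for lo, hi in rpc)
    return {
        "rpc_ranges": rpc,
        "port_count": count,
        "meets_minimum": count >= MIN_PORTS,
        # RPC ports the server may hand out that the firewall would drop
        "blocked_by_firewall": subtract(rpc, allowed),
        # ... but that the restricted server will never use
        "open_but_unused": subtract(defaults_open, rpc),
    }


if __name__ == "__main__":
    # Constructed scenario: the server is pinned to 10002-10200 while the
    # firewall still carries the default 2008-and-later high-port rule.
    report = audit(["10002-10200"], [(135, 135), (445, 445), (49152, 65535)])
    for key, value in report.items():
        print(f"{key}: {value}")
```

A non-empty `blocked_by_firewall` means RPC clients will be handed ports they cannot reach; a non-empty `open_but_unused` means the firewall rule can be tightened.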

  • Ports for 2012 R2 - Agent Install

    Hello,
    I am getting blocks from our Firewall for ports 20639, 11180, 16614, 44503 (as examples) when trying to install an agent.
    I thought (obviously mistakenly) that the following are required.
    Can someone point me to the new list for 2012R2 please?
    Thx
    John Bradshaw
    RPC endpoint mapper Port number: 135 Protocol: TCP/UDP
    *RPC/DCOM High ports (2000/2003 OS) Ports 1024-5000 Protocol: TCP/UDP
    *RPC/DCOM High ports (2008 OS) Ports 49152-65535 Protocol: TCP/UDP
    NetBIOS name service Port number: 137 Protocol: TCP/UDP
    NetBIOS session service Port number: 139 Protocol: TCP/UDP
    SMB over IP Port number: 445 Protocol: TCP
    MOM Channel Port number: 5723 Protocol: TCP/UDP 

    Communication is established by Agent.  You need inbound port 5723 open on MS for regular monitoring after installation. 
    All those other ports you have listed are granular port settings, but this can all be accomplished simply by enabling remote administration and file & print sharing on agent.  These are only required for setup to push installation files and run the setup package.
    If you manually install the SCOM agent, you do not need to open the ports listed above.
    Roger

  • Ports for 2012

    Hi,
    We are getting blocked on Port 21594 when trying to do an Agent Install (2012R2).
    I cannot find this port (or a range containing this port) in any documentation.
    Has anyone got an idea about this, or better still, a link with the details about opening this port??
    Thx
    John Bradshaw

    Hi,
    For Agent push from the SCOM MS console you will need:
    Keep in mind that you can close these ports after the initial installation, but you won’t be able to repair or upgrade (cannot remotely manage) agents from the console.
    RPC endpoint mapper                    Port number: 135     Protocol: TCP/UDP
    *RPC/DCOM High ports (2000/2003 OS)    Ports 1024-5000      Protocol: TCP/UDP
    *RPC/DCOM High ports (2008 OS)         Ports 49152-65535    Protocol: TCP/UDP
    NetBIOS name service                   Port number: 137     Protocol: TCP/UDP
    NetBIOS session service                Port number: 139     Protocol: TCP/UDP
    SMB over IP                            Port number: 445     Protocol: TCP
    SCOM Channel                           Port number: 5723    Protocol: TCP/UDP
    For Management Server deployment I would recommend having RPC enabled:
    RPC endpoint mapper                    Port number: 135     Protocol: TCP/UDP
    RPC/DCOM High ports (2000/2003 OS)     Ports 1024-5000      Protocol: TCP/UDP
    RPC/DCOM High ports (2008 OS)          Ports 49152-65535    Protocol: TCP/UDP
    SCOM Channel                           Port number: 5723    Protocol: TCP/UDP
    Please also go through the below article:
    System Requirements: System Center 2012 R2 Operations Manager
    http://technet.microsoft.com/en-us/library/dn249696.aspx
    Regards,
    Yan Li

  • What Ports need to be opened during Exchange migration?

    Hi Team,
    I am working on a Migration project (Ex2007 to Ex2013). Same forest same domain but are in different sites.
    Please find the below details
    AD Site1 - Ex2007 Servers
    2 Mailbox Servers (CCR)
    2 (HUB+CAS) in NLB
    2 Domain Controllers 
    AD Site2 - Ex2013 Servers
    2 Multi Role Servers (MB+CAS) with DAG
    2 Domain Controllers
    We have a firewall in between the data centers. Could someone help me out with what ports need to be opened on the firewalls?
    Thanks,
    Balgates

    808 (TCP) - Mailbox Replication Service uses to communicate
    53 (TCP) - DNS
    135 (TCP) - RPC End Point
    389 (TCP) - LDAP
    3268 - LDAP
    1024 > (TCP) - if mailbox store is not statically configured then 1024 higher ports need to be open
    88 (TCP) - Kerberos
    445 (TCP) - Microsoft-DS Service
    443 (TCP) - Mailbox Replication Proxy service uses port 443 to communicate with other Exchange 2010 client access server via HTTPS.

  • How to change the Number of IVR ports in a UCCX?

    I know this question has been asked before but it needs to be asked again, as previous answers do not seem to apply.   The simple question is:  If you have a UCCX and if after install you check License information and you note that you have 150 IVR ports; how do you increase the number of ports to 300?  
    I have been told that the number of ports is set by the class of the machine hardware and is not a license issue.   Others have suggested it is a license issue?   At the end of the day, however, I want a step by step procedure for adding more IVR ports to my deployment.   Even if that means buying more licenses (though I can not find a SKU).
    I have several clients that have UCCX and are having calls that exceed the number of IVR ports.   Before we get into a discussion of CTI ports or Call Control Groups, let me identify that I think they are the same.    I can create a CTI Call Control Group with 300 paths, but if I only have 150 IVR ports I am in serious trouble on the 151 call!
    I had a lab system that installed under vmware with 150 ports.  No matter how I tried to configure the CVA it always came up 150 ports!   I added an NFR license to my lab and magically it turned it into a 12 IVR system, so licensing does have something to do with it!  
    I have this experience on Version 8 and now on Version 9!   I need more IVR ports than appear in the installation.  I want to know exactly the steps needed to increase the number of IVR ports to the maximum of 300 for an enhanced system!
    I can refer Cisco TAC to several tickets I have opened on this subject all with unsatisfactory answers!  Most recently 626743961
    Peter Buswell (aka DrVoIP)
    http://blog.drvoip.com       

    Here's the long answer
    Peter Buswell wrote: I know this question has been asked before but it needs to be asked again, as previous answers do not seem to apply.   The simple question is:  If you have a UCCX and if after install you check License information and you note that you have 150 IVR ports; how do you increase the number of ports to 300?  
    Since I see below that you mentioned that the system in question is Enhanced, the answer is simply, install on faster hardware.  Presently the best hardware you can get is VMWare ESXi with the 400 Agent License OVA, which gives you 400 IVR Port Licenses.
    Standard licensing works the same as Enhanced, as far as IVR Port licenses go.
    If you were wondering about Premium, then it's a 1:2 ratio of agent:ports.  You cannot buy Premium ports directly, instead you buy them indirectly through the process of buying Premium Agent seats.  So if you had a Premium UCCX with 100 Agents, you would have 200 ports, and if you desired to have 250 ports, you simply buy 25 more Premium Agent seats.  Premium does still need to adhere to the hardware limits.  I have seen partners sell someone an Enhanced UCCX which gave them 300 ports, but they only had like 50 Agents.  A year later, the customer upgraded to Premium, but only bought 50 seats, and thus downgraded their port license count to 100.  A third of what they had!  The solution?  Buy 100 more Premium Agent seats so your total goes up to 150 Agents, and thus your ports go up to 300.
    Peter Buswell wrote: I have been told that the number of ports is set by the class of the machine hardware and is not a license issue.   Others have suggested it is a license issue?
    These are both correct statements.  Just remember, that it's licensed based first for Premium, then hardware limited.  Standard and Enhanced are hardware limited only.
    Peter Buswell wrote: At the end of the day, however, I want a step by step procedure for adding more IVR ports to my deployment.   Even if that means buying more licenses (though I can not find a SKU).
    Again, for Standard and Enhanced, you need to move to bigger/better hardware to get more ports, assuming you're not already at the maximum of 400.
    Here is the document which walks you through moving to bigger hardware: Disaster Recovery Guide
    And for Premium, you need to purchase the SKU for a Premium Agent Seat license.  It's a 1:2 ratio for agents:ports.
    Peter Buswell wrote: I have several clients that have UCCX and are having calls that exceed the number of IVR ports.
    I'm not a partner, nor in sales, but I thought there was an A2Q process which validates CC designs for sales people.  At any rate, it sounds like they were either under sized or outgrew their overhead, and something needs to be done.
    Sometimes you can simply dump excess calls off.  Think about playing a high call volume message to callers and then drop them.
    Other times you can drop them into voicemail, and come back to it later.
    I've seen some basic call back functionality implemented with an external data source, which could alleviate ports.
    Lastly, I've seen improperly designed scripts which loop on themselves or other scripts, causing a high port usage.
    My point is that there's a few options here, outside of simply increasing the size of the server or purchasing new licenses.  There's no one size fits all answer though.
    Peter Buswell wrote: Before we get into a discussion of CTI ports or Call Control Groups, let me identify that I think they are the same.
    Are you saying that CTI Ports and Call Control Groups are the same?  Or that CTI Ports/CCG's are the same as IVR Port Licenses?  Cause the former is true, while the latter is not.  Think "oversubscribed" CTI Ports.
    Sometimes it is advantageous to oversubscribe your CTI Ports, to achieve a more dynamic environment.  E.g., I have 100 ports, and all 100 are used for inbound calls.  I develop a single inbound app, which is limited to 10 ports, and handles small bursts of calls.  What happens is that, if the new inbound app is running, the most it can "steal" from the inbound calls is 10 ports.  However, if the app is not running (because it doesn't run all day, it's mostly bursty in nature), I can still have my regular inbound calls go all the way up to 100.
    Peter Buswell wrote: I can create a CTI Call Control Group with 300 paths, but if I only have 150 IVR ports I am in serious trouble on the 151 call!
    This is true.  Again, you need to decide if you really need the extra ports, or if there is some solution to solving this problem without making a hardware/license purchase.  These kinds of problems still exist for customers at the 400 port level, and they don't have the option to "buy more."
    Well, that's not entirely true.  While you cannot grow past the 400 port limit today, you could install another UCCX instance on the same CUCM cluster, effectively doubling your capacity, but breaking your administration into two separate domains.
    Peter Buswell wrote: I had a lab system that installed under vmware with 150 ports.  No matter how I tried to configure the CVA it always came up 150 ports!
    What's CVA?
    Peter Buswell wrote: I added an NFR license to my lab and magically it turned it into a 12 IVR system, so licensing does have something to do with it!  
    The NFR is most likely a Premium license.  Refer back to the 1:2 ratio, and that would tell me you have an NFR license for 6 Premium Agents.  Installing a higher level license on a lower level licensed system brings the whole system up to the higher level.  Recall my partner story about the Enhanced to Premium upgrade scenario.
    Peter Buswell wrote: I have this experience on Version 8 and now on Version 9!
    The licensing doesn't change from 8x to 9x.
    Peter Buswell wrote: I need more IVR ports than appear in the installation.  I want to know exactly the steps needed to increase the number of IVR ports to the maximum of 300 for an enhanced system!
    You buy bigger/better hardware, and use the link I provided above for moving to that new hardware.
    Peter Buswell wrote: I can refer Cisco TAC to several tickets I have opened on this subject all with unsatisfactory answers!  Most recently 626743961
    I would be surprised if there is a single Cisco TAC person who doesn't understand this simple IVR Port licensing model.  Perhaps there was some miscommunication about what was being asked, and what answer was being given.
    I hope that helped to clarify some things for you.  Also, if you are a partner, reach out to your CAM and ask for a one on one with a UCCX guru who can sit down with you.  Cisco would want you to be successful with selling their products.
    Anthony Holloway

  • Dynamic ports and firewall?

    Hello:
    I'm running a firewall and want to back it up using OSB. I'm trying to find out the range of dynamic ports that OSB uses (in addition to 400 and 10000) so I can open them up.
    I can't find it anywhere in the documentation. I only find this reference as part of the Windows installation section:
    > If your Windows host is protected by a firewall, the firewall must be configured to permit Oracle Secure Backup daemons on the host to communicate with the other hosts in your administrative domain. Oracle Secure Backup includes daemon components that listen on ports 400 and 10000, as well as other dynamically assigned ports
    We can allow full access from our backup server to all ports on the firewall, but that is NOT a preferred solution! :-)
    Thanks!

    The range of port numbers should be above 20,000 but below 32,000 (ie 20,000 - 20,024) in addition to ports 400 and 10000.
    The number of ports needed is calculated by multiplying the # of concurrent OSB activities by 5. Or, by the # of tape drives (inside the firewall) and the # of clients (outside the firewall).
    Steps:
    1) On Firewall, open desired range of ports plus 400 and 10000.
    2) Edit the /etc/services file on both the admin host and the client to use:
    ob-daemon-low <port low #>/tcp
    ob-daemon-high <port high #>/tcp
    These parameters are based on ports you select for OSB (from step #1 above).

  • Catalyst SLB - Exchange 2010 CAS RPC

    Hi.
    We're currently testing out SLB for load balancing a pair of Exchange 2010 CAS servers.  The config seems straightforward enough for single port services like 'Outlook Anywhere' or 'Outlook Web Access' (all on https).
    Does anyone have real life experience with getting straight MAPI Outlook load balancing to work?  According to Microsoft, there's only 3 ports to be concerned with - endpoint mapper, rpc.clientaccess, and address.book.  I've got the latter two set for static across both of these servers, and have 3 appropriate vservers in place pointing to the serverfarm, but a capture shows the process getting hung up on tcp135.  It's as if whatever server the endpoint request is landing on doesn't know what to do with the request.
    Thanks in advance for any replies.

    Hello Jay!
    Take a look at this doc:
    http://www.cisco.com/en/US/docs/solutions/Verticals/mstdcmsftex.html#wp609677
    RPC requires source ip sticky in order to operate correctly through a loadbalancer.  In the doc, they also walk through doing RPC over http/https - however, I have seen configurations where ACE is not L5-L7 that use RPC on port 135 as a L4 rule with sticky and it appears to work ok.
    Regards,
    Chris Higgins
