How to allow RPC connections without ephemeral ports
In an RPC session, the initial request from the host to the AD server is on port 135. The server then replies to the host on the same port, but the source port is NOT 135; it is a random ephemeral port.
So my question is: how do I create a policy from hosts to the AD server without using so many ports (ephemeral ports)? MFE is a stateful firewall, but when I allow only RPC without the ephemeral ports, the communication failed.
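
The following is an added example, not part of the original post: a small Python model of a stateful filter showing why a rule for port 135 alone breaks the session. It models the second stage as a new client connection to the dynamic port named in the endpoint mapper's reply. The addresses, client source ports, the service port 49664 and the narrowed 50000-50099 range (which assumes the server's RPC port range has been restricted) are constructed assumptions.

```python
from dataclasses import dataclass, field

EPM_PORT = 135                       # RPC endpoint mapper port (from the post)
DYNAMIC_RANGE = range(49152, 65536)  # default Windows dynamic range (Vista/2008 and later)
NARROW_RANGE = range(50000, 50100)   # assumption: server RPC range restricted (constructed)
CLIENT, SERVER = "10.0.0.20", "10.0.1.5"  # constructed addresses

@dataclass
class StatefulFirewall:
    allowed_dst_ports: set                      # rules for NEW client->server flows
    state: set = field(default_factory=set)     # tracked flows

    def outbound(self, src, sport, dst, dport):
        """Client->server packet: pass if tracked, or if a rule permits a new flow."""
        flow = (src, sport, dst, dport)
        if flow not in self.state and dport in self.allowed_dst_ports:
            self.state.add(flow)
        return flow in self.state

    def inbound(self, src, sport, dst, dport):
        """Server->client packet: pass only as the reply half of a tracked flow."""
        return (dst, dport, src, sport) in self.state

def rpc_session(fw, service_port):
    """Walk one RPC session through fw; return 'ok' or the step that was dropped."""
    # 1. Client asks the endpoint mapper on 135 where the service listens.
    if not fw.outbound(CLIENT, 61001, SERVER, EPM_PORT):
        return "blocked: endpoint mapper request"
    # 2. The reply rides the tracked flow and names the service's dynamic port.
    if not fw.inbound(SERVER, EPM_PORT, CLIENT, 61001):
        return "blocked: endpoint mapper reply"
    # 3. Client opens a NEW flow to that port; the state entry from step 1
    #    has a different 4-tuple, so only a rule can admit it.
    if not fw.outbound(CLIENT, 61002, SERVER, service_port):
        return f"blocked: new flow to port {service_port}"
    if not fw.inbound(SERVER, service_port, CLIENT, 61002):
        return "blocked: service reply"
    return "ok"

if __name__ == "__main__":
    policies = {
        "135 only": ({EPM_PORT}, 49664),
        "135 + full dynamic range": ({EPM_PORT} | set(DYNAMIC_RANGE), 49664),
        "135 + narrowed range": ({EPM_PORT} | set(NARROW_RANGE), 50010),
    }
    for name, (ports, svc_port) in policies.items():
        print(f"{name:26} -> {rpc_session(StatefulFirewall(ports), svc_port)}")
```

Connection tracking only admits packets of a flow it has already seen, so the narrowed policy works only if the server really does confine its RPC listeners to that range.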