As of this morning when users attempt to login to our SSLVPN we are receiving notice on our firewall of a suspicious IPS hit around RPC calls. Nothing changed on our firewall or our SSLVPN. Now all LDAP login requests return as failures, as it appears this RPC call is being used for authentication. We were running 8.0R9, but we upgraded to 8.0R10 and are having the same issue. Anyone else seen this issue? Any solutions other than whitelisting?