Windows Firewall Denied Access
Computers that are running the Windows Firewall will introduce some challenges in the inventory process. By default, the Windows Firewall is configured to block remote requests to authenticate and connect to the computer via WMI.
The following exceptions must be enabled to allow remote access for inventory:
|
Exception Name |
Description |
|
File and Printer Sharing exception |
The “File and Printer Sharing” exception must be enabled for computers when Windows Firewall is enabled. This exception opens TCP ports 139 and 445, and UDP ports 137 and 138. If you have another host firewall installed, you will need to allow network traffic through these ports. |
|
Remote Administration exception |
The "remote administration exception" needs to be enabled for computers when Windows Firewall is enabled. This exception opens TCP port 135. If you have another host firewall installed, you will need to allow network traffic through this port. |
Many host and software-based firewall products will block DCOM traffic across the network adapters on the computer. For example, remote WMI connections will most likely fail when attempting to connect to a computer running the Microsoft® Internet Security and Acceleration (ISA) firewall service. To enable remote WMI access, ensure that the TCP/UDP ports mentioned for the "Remote Administration" and "File and Printer Sharing" exceptions are opened on the computer running the software firewall.
Refer to the Prepare Your Environment section of the Getting Started Guide for specific steps to enable these exceptions manually or using Group Policy for the Windows Firewall.
Related Topics
Inventory Assessment Results and Problems