Intel® vPro™ Platform
Intel Manageability Forum (Intel® EMA, AMT, SCS & Manageability Commander)
Announcements
Intel® Endpoint Management Assistant (Intel® EMA) Cloud Start Tool for Azure* 2.0 is now available for download here.

The Intel® Manageability Commander 2.2 has been released! Learn more here.

The Intel® Endpoint Management Assistant, version 1.6.0 is now available for download here.

The Intel® Setup and Configuration Software tool will End of Life (EOL) on 12/31/2022. The Intel® Setup and Configuration Software Download will be available until March 31, 2021. For details, Please click here.
2563 Discussions

Cannot connect to RCS behind firewall

GRile
New Contributor I
1,494 Views

The server hosting the RCS has its firewall enabled. I cannot connect to it using SCS Console from client PC or from the SCCM server during SCCM Add-on installation. I know there is a small section in the manual that states:

--------------------------------

If you install the RCS on a computer that is protected by a firewall, you might receive error messages when you

try to connect to the RCS.

Solution:

You must make sure that the firewall is configured to enable the WMI to connect to the RCS. For more

information, refer to the Microsoft Developer Network:

http://msdn.microsoft.com/en-us/library/aa389286(VS.85).aspx

--------------------------------

However this doesn't help in any way. I click the link but the page talks about using VBScript? If I disable the firewall on the RCS server I can connect so it's obviously a firewall issue, the question is which port/s do I need to open? If I capture the traffic on my PC whilst trying to connect to the RCS server I see attempts to connect on port 135 except I have tried enabling the rule "Windows management Instrumentation (WMI-In)" on the server but no luck.

Any ideas?

Graham

0 Kudos
1 Solution
Dariusz_W_Intel
Employee
126 Views

Graham,

you need WMI -in TCP port 135 to be opened to allow SCS console to connect - otherwise you will get Timeout error in SCS console.

 

Make sure that you use right RCS server IP or FQDN.

+

you need to enable AD user of SCS console in RCS WMI Name Space and DCOM permissions on RCS -otherwise you will get Access Denied error message in SCS Console.

the best way is to use RCSutils.exe tool with /Permissions Add command.

See SCS User Guide section called User Permissions Required to Access the RCS (3.8 for SCS 11.1)

rgds

Dariusz Wittek

Intel EMEA Biz Client Technical Sales Specialist

View solution in original post

3 Replies
Dariusz_W_Intel
Employee
127 Views

Graham,

you need WMI -in TCP port 135 to be opened to allow SCS console to connect - otherwise you will get Timeout error in SCS console.

 

Make sure that you use right RCS server IP or FQDN.

+

you need to enable AD user of SCS console in RCS WMI Name Space and DCOM permissions on RCS -otherwise you will get Access Denied error message in SCS Console.

the best way is to use RCSutils.exe tool with /Permissions Add command.

See SCS User Guide section called User Permissions Required to Access the RCS (3.8 for SCS 11.1)

rgds

Dariusz Wittek

Intel EMEA Biz Client Technical Sales Specialist

View solution in original post

GRile
New Contributor I
126 Views

Thanks for your reply Dariusz,

I tried this but it doesn't seem to make any difference, I still cannot connect. However, before that I managed to discover, by process of elimination, the correct ports to open on the firewall. If I opened up tcp 135 (not the built-in rule for WMI-In) and also a port range of 50000-55000 I was able to connect from my PC and from the SCCM Add-in wizard. I would still prefer to do it the correct way. Can you advise? Should I open a support ticket?

Thanks, Graham

GRile
New Contributor I
126 Views

It is working now. I needed to enable the three rules:

  • Windows Management Instrumentation (ASync-In)
  • Windows Management Instrumentation (DCOM-In)
  • Windows Management Instrumentation (WMI-In)
Reply