If you specify the Power Management: Windows Firewall exception for wake-up proxy client setting, these ports are automatically configured in Windows Firewall for clients. These are the default port numbers that can be changed in Configuration Manager by using the Power Management clients settings of Wake-up proxy port number (UDP) and Wake On LAN port number (UDP). This communication uses the following ports: If you enable the wake-up proxy client setting, a new service named ConfigMgr Wake-up Proxy uses a peer-to-peer protocol to check whether other computers are awake on the subnet and to wake them up if necessary. If you initiate Remote Assistance from the client computer, Windows Firewall automatically configures and permits Remote Assistance and Remote Desktop. You must also permit Remote Assistance and Remote Desktop. To initiate Remote Assistance from the Configuration Manager console, add the custom program Helpsvc.exe and the inbound custom port TCP 135 to the list of permitted programs and services in Windows Firewall on the client computer. To use Configuration Manager remote control, allow the following port: If these ports have been changed from the default values, you must also configure matching exceptions on the Windows Firewall. For more information, see How to configure client communication ports. These are default port numbers that can be changed in Configuration Manager. Outbound: TCP Port 443 (for HTTPS communication) Outbound: TCP Port 80 (for HTTP communication) Client Requestsįor client computers to communicate with Configuration Manager site systems, add the following as exceptions to the Windows Firewall: To use Group Policy to install the Configuration Manager client, add File and Printer Sharing as an exception to the Windows Firewall. Inbound: Windows Management Instrumentation (WMI)Ĭlient Installation by Using Group Policy Outbound and inbound: File and Printer Sharing To use client push to install the Configuration Manager client, add the following as exceptions to the Windows Firewall: You can also manually add Statview.exe to the list of programs and services on the Exceptions tab of the Windows Firewall before you run a query. If you unblock statview.exe, future queries will run without errors. If you run the Configuration Manager console on a computer that runs Windows Firewall, queries fail the first time that they are run and the operating system displays a dialog box asking if you want to unblock statview.exe. The following Configuration Manager features require exceptions on the Windows Firewall: Queries Programs and Ports that Configuration Manager Requires Right-click Windows Firewall, and then click Open.Ĭonfigure any required exceptions and any custom programs and ports that you require. On the computer that runs Windows Firewall, open Control Panel. To modify the ports and programs permitted by Windows Firewall Use the following procedure to modify the ports and programs on Windows Firewall for the Configuration Manager client. Modifying the Ports and Programs Permitted by Windows Firewall Use the following sections to identify these management features and for more information about how to configure Windows Firewall for these exceptions. The exceptions that you must configure depend on the management features that you use with the Configuration Manager client. Applies to: Configuration Manager (current branch)Ĭlient computers in Configuration Manager that run Windows Firewall often require you to configure exceptions to allow communication with their site.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |