Port needs to be opened for push agent install for Gateways

  • Question

  • We have SCOM 2012 R2 UR14.

    We need to manage another domain from our SCOM instance and we have to install the agents via the push method rather than manually.

    The Gateway servers are configured, communicating back to the MS, and showing healthy. We tested one of the agents by manual install, which is also showing healthy in the console and reporting to the Gateway.

    However, when we try to push the agents from the console using this Gateway Server, we get the RPC server not reachable error.

    The confusion is the port requirement for push install?

    Do we need to have the below ports open between Gateway and Agents or between MS and Agents?

    Does the MS push the agent executable files to the target computer, or does the Gateway push them over port 135?

    Do we need to make an entry in the hosts file of the MS for all agents to have name resolution? I think it is not required.

    I believe it has to be between the MS and the target agents, i.e. DOMAIN A hosting the MS and DOMAIN B having the agents and Gateway. I think the below ports are required from DOMAIN A to the target agents in DOMAIN B.


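    | Source | Ports | Protocol | Direction | Destination |
    |---|---|---|---|---|
    | Gateway or MS | RPC endpoint mapper Port: 135 | TCP | --> | All the Windows servers which need to be monitored by SCOM |
    | Gateway or MS | NetBIOS name service Port: 137 | UDP | --> | All the Windows servers which need to be monitored by SCOM |
    | Gateway or MS | NetBIOS datagram service Port: 138 | UDP | --> | All the Windows servers which need to be monitored by SCOM |
    | Gateway or MS | NetBIOS session service Port: 139 | TCP | --> | All the Windows servers which need to be monitored by SCOM |
    | Gateway or MS | SMB over IP Port: 445 | TCP | --> | All the Windows servers which need to be monitored by SCOM |
    | Gateway or MS | MOM Channel Port: 5723 | TCP | <--> | All the Windows servers which need to be monitored by SCOM |
    | Gateway or MS | ICMP (ping) | TCP/UDP | <--> | All the Windows servers which need to be monitored by SCOM |
    | Gateway or MS | *RPC/DCOM High ports (2000/2003 OS) Ports: 1024-5000 | TCP/UDP | --> | All the Windows servers which need to be monitored by SCOM |
    | Gateway or MS | *RPC/DCOM High ports (2008 OS) Ports: 49152-65535 | TCP/UDP | --> | All the Windows servers which need to be monitored by SCOM |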



    Amanpreet Singh Bansal

    Tuesday, May 12, 2020 7:50 PM

All replies