locked
Client Push Installation not working with Firewall exceptions RRS feed

  • Question

  • I created the following port exceptions in firewall:

    Outbound and inbound: File and Printer Sharing &Windows Management Instrumentation (WMI)

    Outbound: TCP Port 80

    Outbound: TCP Port 443

    Outbound: UDP 67

    Outbound: UDP 68

    Outbound: TCP 80/443

    Inbound: TCP port 2701

    Inbound: TCP port 135

    UDP ports 

    53

    67

    68

    69

    135

    137

    138

    63000-64000

     TCP Ports

    53

    80

    135

    139

    389

    443

    445

    636

    1433

    2701

    3268

    3269

    3389

    4022

    8530

    8531

    16993

    16995

    But still i am not able to push the client agent. Ccmsetup.exe in not getting initiated in client machine. I some machines i tried to install Client Agent via image. but those computers are also not reporting to SCCM Servers. Do i have to give any more port exceptions.?


    V I S H N U

    Saturday, September 15, 2012 11:02 AM

Answers

  • How are you setting the firewall?? what OS are you pushing out to??

    For our site with windows7 Clients i had to set a group policy untill we enabled this policy we were getting unable to connect to WMI on client error in the logs.

    Windows Firewall: Allow inbound remote administration exceptions this can be found under Computer Configuration - Policies - Administrative Template - Network - Network Connections - Windows Firewall - Domain Profile

    Hope this fixes it for you.

    • Marked as answer by Vishnu Soman Thursday, September 20, 2012 6:02 PM
    Thursday, September 20, 2012 12:58 AM
  • What dies ccm.log on the site server say? This is the definitive log on the site server for the initiation of client push.

    When you say you create firewall exceptions, where did you create these? On the target clients?


    Jason | http://blog.configmgrftw.com

    • Marked as answer by Vishnu Soman Thursday, September 20, 2012 6:03 PM
    Saturday, September 15, 2012 2:45 PM

All replies

  • What dies ccm.log on the site server say? This is the definitive log on the site server for the initiation of client push.

    When you say you create firewall exceptions, where did you create these? On the target clients?


    Jason | http://blog.configmgrftw.com

    • Marked as answer by Vishnu Soman Thursday, September 20, 2012 6:03 PM
    Saturday, September 15, 2012 2:45 PM
  • How are you setting the firewall?? what OS are you pushing out to??

    For our site with windows7 Clients i had to set a group policy untill we enabled this policy we were getting unable to connect to WMI on client error in the logs.

    Windows Firewall: Allow inbound remote administration exceptions this can be found under Computer Configuration - Policies - Administrative Template - Network - Network Connections - Windows Firewall - Domain Profile

    Hope this fixes it for you.

    • Marked as answer by Vishnu Soman Thursday, September 20, 2012 6:02 PM
    Thursday, September 20, 2012 12:58 AM
  • Thank you Adam.

    I tried this and this worked for me. Thanks a lot.


    V I S H N U

    Thursday, September 20, 2012 6:04 PM