locked
Firewall Ports RRS feed

  • Question

  • We have quite a bit of firewalls in our environment and we would not like to open up a bunch of ports on our firewalls. We have decided to use certificates on these servers instead. Can you let me know the list of ports that are required to be open between the MS and Agent Computer once the Certificates are installed. If you open TCP 5723 both ways is that sufficient?

    So if there are hosts which are part of the same domain as the SCOM MS, which are separated by a firewall you have two options either open up all higher ports and other scom ports, else install a certificate or depending on the number of hosts to be monitored in that location, install a gateway server. Correct?

    Thursday, December 8, 2011 2:17 PM

Answers

  • if you install agents and certificates on those machines than port 5723 is sufficient for communication. For SCOM.
    Bob Cornelissen - BICTT (My BICTT Blog) - Microsoft Community Contributor 2011 Recipient
    • Marked as answer by Tom_Gale Friday, December 9, 2011 12:20 PM
    Thursday, December 8, 2011 5:57 PM

All replies

  • Hi,

    Check here: http://technet.microsoft.com/en-us/library/cc540431.aspx

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Thursday, December 8, 2011 2:34 PM
  • if you install agents and certificates on those machines than port 5723 is sufficient for communication. For SCOM.
    Bob Cornelissen - BICTT (My BICTT Blog) - Microsoft Community Contributor 2011 Recipient
    • Marked as answer by Tom_Gale Friday, December 9, 2011 12:20 PM
    Thursday, December 8, 2011 5:57 PM