- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-16-2020 12:38 PM
Hi All,
we are doing windows server discovery through out the enterprise network and it's working fine. But for one windows server we are getting credential Time out error, And we can able to login to the server using RDC. And we know there is no Firewall block and port 135 is also open for the server.
And when we run the simple WMI command from the MIDserver Host we are getting error like "No such Interface supported". So after reviewing the error from below KB article, it seems like Firewall issue, But the port is open.
https://hi.service-now.com/kb_view.do?sysparm_article=KB0787202
So please me out to get this issue resolved.
Thanks in Advance.
Best regards
CG.
Solved! Go to Solution.
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-02-2020 12:08 PM
One other thing to check on the high ports. Are all the Windows servers using the same version of windows? I didn't provide the high ports for older versions of Windows, because most organizations have since upgraded. The high port requirements are different for different versions of windows for WMI:
High Ports 1025 - 5000
Windows 2000
Windows XP
Windows Server 2003
High Ports 49152 - 65535
Windows Server 2008 and later versions
Windows Vista and later versions

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-16-2020 01:07 PM
Hi,
Please white list the mid server on this machine. you can add one more firewall rule on the target machine and port 135 to allow communication on this port only for this mid server.
Thanks,
Ashutosh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-17-2020 10:41 PM
Thanks for your response Ashutosh. i can ask the server team to create a separte rule on this server, But it's happening just for one server. I hope it doesn't take more time in this process.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-01-2020 11:59 PM
Any Update on this.
For one server also it can cause issue, you can have firewall rule per server as well.
Thanks,
Ashutosh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-02-2020 08:13 AM
Thanks for the follow up Ashutosh, When i reached out to the server team they informed me everything is fine. so i decided to open the High Dcom ports on this server as chuck suggested and see what the outcome looks like.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-17-2020 08:05 AM
Did you also check that the high ports 49152 - 65535 are open to this server as well? When discovering using WMI, port 135 from the MID Server to the Remote Windows host must be open for initial communication AND high ports 49152 - 65535 must be open for the remainder of the communication. It is possible the high ports are being blocked.
If the Windows server has the Windows Firewall with Advanced Security turned on, you can check the firewall logs (C:\Windows\System32\LogFiles\Firewall) to determine if any of the WMI ports are being blocked. When the Inbound rule Windows Management Instrumentation (WMI-In) for WMI is enabled, you can see in the logs that the high ports (src-port and dst-port) are allowed (action=ALLOW).