SCCM 2007 remote tools - Cannot contact host
We wanted to apply a firewall to all XP clients so we set up a test group first. We applied all the ports that are needed by SCCM all seems fine including RDP no problem. However we cannot connect using remote tools or remote assitance. We have reinstalled the CCM client and all seems fine at the client end (so far). Nothing is really standing out, may need help on what logs to look at but we are sure all ports are enabled through exception.
April 27th, 2012 4:22am

Hi, If you temporarily disable the client firewall can you connect then? Verify that the user you are trying to connect as member of the local "ConfigMgr Remote Control Users group" on the client. What error are you getting? regards, Jrgen-- My System Center blog ccmexec.com -- Twitter @ccmexec
Free Windows Admin Tool Kit Click here and download it now
April 27th, 2012 4:46am

We can do remote tools to other Desktops, we turned off the firewall on the test group and was able to conect. So there must be something stopping the connection but as I said we have added the ports listed by Microsoft for Remote tools and remote assitance. We can RDP to the firewalled desktops!!! Calum
April 27th, 2012 5:07am

Hi, RDP doesn't use the same ports as SCCM remote Tools, which ports have you opened fr SCCM remote tools? These are the ports required. TCP port 2701 TCP port 2702 TCP port 135 regards, Jrgen-- My System Center blog ccmexec.com -- Twitter @ccmexec
Free Windows Admin Tool Kit Click here and download it now
April 27th, 2012 5:24am

These ports you suggest are indeed open!
April 27th, 2012 5:38am

Are you using Windows Firewall or a 3rd party firewall? Any other features in that firewall that can stop it, because it sure looks like the firewall right? If you are using Windows Firewall turn on logging and see what packages are beeing dropped. Regards, Jrgen-- My System Center blog ccmexec.com -- Twitter @ccmexec
Free Windows Admin Tool Kit Click here and download it now
April 27th, 2012 7:43am

Also note, the remote control is a direct connection from the system remote the remote control agent to the system being remote controlled -- unless you are running the remote control tool on the siste server itself, the site server is no involved in the actual connection. This may affect your firewall rules if you have them scoped to only allow the required traffic from the site server. Is this happening on all clients you try to connect to? When using RD, are you using FQDNs or short names?Jason | http://blog.configmgrftw.com | Twitter @JasonSandys
April 27th, 2012 9:29am

doesn't your firewall have a logfile where u can determine the traffic ?
Free Windows Admin Tool Kit Click here and download it now
April 30th, 2012 2:53am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics