Share via

Configuring WinRM for HTTPS

Mariia Tiurina 21 Reputation points
2021-03-09T15:50:22.32+00:00

Hi,
I need to configure WinRM port as Listener.

UPD:

Basing on instruction from article in comments I configured it to Address=*.

This option is not secure.
I need to restrict the number of allowed IPs on Address=<IP>

Which command can do it?

Windows for business | Windows Client for IT Pros | User experience | Remote desktop services and terminal services
0 comments
Accepted answer
  1. Anonymous
    2021-03-16T04:55:02.12+00:00

    Hello @Mariia Tiurina

    Found from here:

    1. Firewall; enable a rule that only allows inbound WinRM connections from the specified subnet.
    2. Following, your initial line of thought, use the "Service" side of WSman instead of the "Client" side, i.e.
      Text
      Set-Item -Path WSMan:\localhost\Service\ -Name IPv4Filter -Value 10.10.10.1-10.10.10.254
    3. Use a Group Policy to configure the same setting Compter \ Policies \ Administrative Templates \ Windows Components \ Windows Remote Management \ WinRM Service \ Allow remote server management through WinRM: Enabled & Configure IPv4 Filter

    Other reference article:Installation and configuration for Windows Remote Management

    Best Regards
    Karlie

    ----------

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2021-03-10T07:13:49.81+00:00
  2. Anonymous
    2021-03-16T04:55:01.937+00:00

    Hello @Mariia Tiurina

    Found from here:

    1. Firewall; enable a rule that only allows inbound WinRM connections from the specified subnet.
    2. Following, your initial line of thought, use the "Service" side of WSman instead of the "Client" side, i.e.
      Text
      Set-Item -Path WSMan:\localhost\Service\ -Name IPv4Filter -Value 10.10.10.1-10.10.10.254
    3. Use a Group Policy to configure the same setting Compter \ Policies \ Administrative Templates \ Windows Components \ Windows Remote Management \ WinRM Service \ Allow remote server management through WinRM: Enabled & Configure IPv4 Filter

    Other reference article:Installation and configuration for Windows Remote Management

    Best Regards
    Karlie

    ----------

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.