Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Please refer the following steps for firewall setting of IIS RPC:
1. RPC dynamic port range:
應用程式通訊協定 |
通訊協定 |
連接埠 |
RPC |
TCP |
135, 隨機連接埠號碼介於 1024 - 65535 135, 隨機連接埠號碼介於 49152 – 65535* |
*這是 Windows Server 2008 和 Windows Vista 中的範圍。
2. Steps of setting RPC dynamic port:
You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 computer by using the following netsh commands:
netsh int ipv4 show dynamicport tcp
You adjust this range by using the netsh command, as follows:
netsh int <ipv4|ipv6> set dynamic <tcp|udp> start=number num=range
This command sets the dynamic port range for TCP. The start port is number, and the total number of ports is range. The following are sample commands:
netsh int ipv4 set dynamicport tcp start=50000 num=1000
3. Steps of firewall (For Windows Server 2008 R2)
For Windows Server 2008
Here is the following command that helps you do this:
Type in the following where the range is specified in ( ) and the name of the firewall entry is in " ".
FOR /L %I IN (5000,1,5100) DO netsh firewall add portopening TCP %I "RPC PORTS"%I
Each port in the range will be added with an "OK" confirmation.
In my case I wanted to add ports from 5000 - 5100.
We can add or delete both TCP and UDP ports, to do this we need to make a slight change in the above command:
instead of TCP we need to specify UDP and instead of "add" specify "delete" .
Ref:
=====
Windows Server 系統的服務概觀和網路連接埠需求
https://support.microsoft.com/kb/832017/zh-tw
How to configure RPC to use certain ports and how to help secure those ports by using IPsec
https://support.microsoft.com/kb/908472/en-us
在 Windows Vista 和 Windows Server 2008 中,TCP/IP 的預設動態連接埠範圍已變更