Get-Service blocked by firewall

SC 186 Reputation points
2024-07-16T09:35:04.2+00:00

Hi,
I have 2 virtual machines named AAA and BBB.

I tried running the following command from the BBB machine and it didn't work:

Get-Service -ComputerName AAA | Where-Object {($_.starttype -like "*auto*") -and ($_.Status -eq "Stopped")}

I created a firewall Inbound rule on the AAA machine as follows, and then the command worked:

Name Group Profile Enabled Action Override Program Local Address Remote Address Protocol Local Port Remote Port Authorized Users Authorized Computers Authorized Local Principals Local User Owner Application Package

TEST All No Allow No Any Any Any TCP 49000-50000 Any Any Any Any Any Any

TEST

Why 49000-50000 ports?

What ports does Get-Service need open?

Thank you in advance for your reply.
SC

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,791 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,583 questions
0 comments No comments
{count} votes

Accepted answer
  1. Ian Xue 37,621 Reputation points Microsoft Vendor
    2024-07-17T00:51:53.9566667+00:00

    Hi SC,

    Get-Service uses RPC which requires TCP port 135 and a randomly allocated high TCP port between 49152 - 65535 to connect to remote computers. You can refer to this guide to specify the RPC dynamic port range.

    https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-rpc-dynamic-port-allocation-with-firewalls

    Best Regards,

    Ian Xue


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.