on 11-14-2012 07:30 PM - edited on 07-17-2024 03:31 PM by Nils
This article offers guidance on configuring Windows Firewall to allow WMI traffic, enabling remote scanning of Windows computers, and provides step-by-step instructions using the group policy editor or command prompt.
Lansweeper pulls Windows computer data from WMI (Windows Management Instrumentation), a management infrastructure built into Windows operating systems. The initial connection to a client machine is made over TCP port 135. By default, Windows then sends the WMI data over random ports in the 1025-5000 or 49152-65535 range.
Lansweeper first performs broadcasts to identify the Windows devices in your network. Next, discovered devices are added to a queue for further processing. Lansweeper then directly scans the Windows devices to gather detailed data, which involves sending a new WMI request to each device.
In order to remotely scan Windows computers, you must ensure that the machines' firewalls are properly configured to allow all WMI traffic. Simply opening specific ports is not enough, as traffic is sent over random ports in the 1025-5000 or 49152-65535 range. For more information, see Ports scanned or used by Lansweeper.
This article specifically explains how to configure Windows Firewall, also known as Windows Defender Firewall, for remote scanning of Windows computers. Windows Firewall has a remote administration setting you can enable to allow WMI traffic. The easiest way to enable this setting for all of your domain computers is using group policies.
To configure Windows Firewall on your client machines to allow WMI traffic:
Computer Configuration\Administrative Templates\Network\Network Connections
\Windows Defender Firewall\Domain Profile
Computer Configuration\Administrative Templates\Network\Network Connections
\Windows Firewall\Domain Profile
gpupdate /force
netsh firewall show state
If you prefer to configure Windows Firewall through commands or scripts, you can either:
call netsh firewall set service RemoteAdmin enable
call netsh firewall add portopening protocol=tcp port=135 name=DCOM_TCP135
Was this post helpful? Select Yes or No below!
Did you have a similar issue and a different solution? Or did you not find the information you needed? Create a post in our Community Forum for your fellow IT Heroes!
More questions? Browse our Quick Tech Solutions.
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try NowExperience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now