Firewall port requirements for SCCM remote control. I heard that port TCP – 135. TCP – 2701. TCP – 2702 are needed for this requirement . I need source and destinations computers like source is client computers and destinations is SCCM primary server? Please help on this
The case seems to be related with SCCM, so I change the tag to CM-general.
Yes I agreed , Suppose I am accessing the user computers from my local laptop , so I need to run CmRcViewer.exe in my laptop.
So here is Source is my computers IP and destination is users computers right ? so we need to open the port between these subnet? . So my question is do I need to open any port for primary server either giving as source or destination ?
So here is Source is my computers IP and destination is users computers right ?
Correct.
So my question is do I need to open any port for primary server either giving as source or destination ?
If you are just running CmRcViewer.exe, then no (unless you launch CmRcViewer.exe with the switch to connect to the site server for auditing purposes). If you are running the console, then the console must be able to communicate with the SMS Provider (and not the primary site server unless the SMS Provider is co-located on the primary site server).
The source could be Configuration Manager console, the destination is client, and we should open TCP Port 2701 on the side of client.
About the details of port, please refer to this link:
https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/ports#BKMK_PortsConsole-Client
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thanks Amandayou,
Here is the My confusion. Source is Client and destination is Primary server? Could you please triple confirm
No, you have it backwards, source will be any computer with the cm console.
Destination will be the computer you are trying to remote control.
thanks Garth,
"source will be any computer with the cm console." which means SCCM Primary servers?
The connection comes the system running the console that initiates the connection. If that happens to be the primary site server, then yes, those are one in the same however that's generally a bad practice (running the console on the primary site server). You should be installing and running the console on your workstation(s) and performing your admin work there including initiating remote control.
4 people are following this question.
