My office has moved and my network group has no idea what ports to enable so I can remotely manage other DHCP consoles. It appears random but there is another discussion asking the same thing but it's not clear to me what I am to tell them. They tell me its 1077. 1077 is a gaming port from what iana shows. I'm finding different results such as src 445 and dest ports 4603. It appears to be dynamic. They are putting this on me to figure out even though it works at all of our other locations... What exactly do they need to know? Thanks!

Hi iistok, Thanks for posting here. We need to enable firewall exceptions for TCP 135,445,1024 to 1034 if want to remotely manage via MMC by settings: MMC port for DNS and DHCP Management http://social.technet.microsoft.com/Forums/lv/winserverPN/thread/4cf7e225-6e68-44ef-a11e-d5b6dd633f2a However if we want to manage via WinRM with Server Manager then 5985 is the port need to be opened by default : Remote Management with Server Manager http://technet.microsoft.com/en-us/library/dd759202.aspx Thanks. Tiger LiTiger Li TechNet Community Support

Thanks but that's the same post that didn't answer my question. That post is for a local Windows firewall. What do I need to ask my network admins to open on their firewalls. I can tell them tcp 135 and 445. That's clear. I can't tell them "It also allows SVCHOST.EXE and LSASS.EXE to listen on dynamically assigned TCP ports in the range of 1024 to 1034." It also would not explain why the connection would utilize 1077 as I mentioned above.

Hi jjstok, Thanks for update. Remote management via MMC needs to have static ports TCP ports 135 and 445 and dynamic port range opened for RPC and DCOM communication: TCP 1024 to 1034 in system before Windows Server 2008 and TCP 49152 to 65535 in newer platform: The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008 http://support.microsoft.com/kb/929851/ If you think that will be a security concern , Id suggest to implement remote management via WinRM which requires single static port (HTTP protocol over TCP 5985) : Geek of All Trades: Configure Remote Management with Server Manager http://technet.microsoft.com/en-us/magazine/hh127071.aspx Thanks. Tiger LiTiger Li TechNet Community Support

Hi jjstok, Thanks for update. Remote management via MMC needs to have static ports TCP ports 135 and 445 and dynamic port range opened for RPC and DCOM communication: TCP 1024 to 1034 in system before Windows Server 2008 and TCP 49152 to 65535 in newer platform: The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008 http://support.microsoft.com/kb/929851/ If you think that will be a security concern , Id suggest to implement remote management via WinRM which requires single static port (HTTP protocol over TCP 5985) : Geek of All Trades: Configure Remote Management with Server Manager http://technet.microsoft.com/en-us/magazine/hh127071.aspx Thanks. Tiger LiTiger Li TechNet Community Support