Firewall settings that you need to configure depends on what kind of activities you will be using on your SCCM. The firewall settings can be distributed to the clients via  Group Policy. Start Group Policy Management Editor and navigate

Computer Configuration / Policies /  Windows Settings / Security Settings /Windows Firewall with Advanced Security

In the picture, you can see that I allow Inbound Ping Requests. That is for connection test purposes.

 

 

Client-Push Installation: If you are going to install clients via Client-Push method, then you need to allow these two.

  • Outbound and inbound: File and Printer Sharing
  • Inbound: Windows Management Instrumentation (WMI)

 

Client Installation (via Group Policy): 

  • Outbound and inbound: File and Printer Sharing

 

 

For the communication between Site Servers and Client Computers :

  • Outbound: TCP Port 80 (for HTTP communication)
  • Outbound: TCP Port 443 (for HTTPS communication)

 

 

For the actions that is trigger from Management Point towards the Client Computers:

(For example, to trigger download of client policy to client computer from SCCM Console) 

  • Outbound: TCP Port 10123 

If that connection fails the below ports will be tried.

  • Outbound: TCP Port 80 (for HTTP communication)
  • Outbound: TCP Port 443 (for HTTPS communication)

 

 

 Network Access Protection:System Health Validator point and client communication

  • Outbound: UDP 67 and UDP 68 For DHCP
  • Outbound: TCP 80/443 For Ipsec

 

 

 Remote Control:

  • Inbound: TCP Port 2701

 

Ports that you need to open on Database Server:

  • Inbound: TCP Port 1433
  • Inbound: TCP Port 4022

 

Remote Assistance and Remote Desktop:

To initiate Remote Assistance from the Configuration Manager console, add the custom program Helpsvc.exe and the inbound custom port TCP 135 to the list of permitted programs and services in Windows Firewall on the client computer. You must also permit Remote Assistance and Remote Desktop. If you initiate Remote Assistance from the client computer, Windows Firewall automatically configures and permits Remote Assistance and Remote Desktop.

 

Here is the full official documentation in case you need.

http://technet.microsoft.com/en-us/library/gg682180.aspx

 

 

ennlfrdeitptruestr

Hylafax Installation on Debian

Easy to start HylaFAX is a free linux-based fax server. It is used by many companies worldwide. In this article, we are going to install and configure HylaFAX.

More...

Creating Multiple Users on Active Directory

Docs / SupportIf you are working in an organization which receives a lot new users on several periods of the year, then you should handle creation of domain users  with the help of Powershell. 

More...

How To Change Default Computer OU

Native RTL SupportWhen you join a computer to the domain, Computer Object is created and placed in Default Computer Container which is not an organizational unit and we all know that, GPOs can be only applied to Organizational Units. 

More...

JSN Epic template designed by JoomlaShine.com