System Center Operations Manager Firewall ports

Standard

When installing System Center Operations Manager you want to keep the local firewall on your servers up and running. You can use the following commands to open the ports you need.

For the command's below to work run the "command prompt as administrator".

Run this on the SQL Server that is the Database server for your Management Servers:

  • netsh advfirewall firewall add rule name = SQLPort dir = in protocol = tcp action = allow localport = 1433 remoteip = localsubnet profile = DOMAIN
  • netsh advfirewall firewall add rule name = SQLBrowserPort dir = in protocol = tcp action = allow localport = 1434 remoteip = localsubnet profile = DOMAIN
  • netsh advfirewall firewall add rule name = ServiceBroker dir = in protocol = tcp action = allow localport = 4022 remoteip = localsubnet profile = DOMAIN

un this on the Server that is the The web server for Operations Manager:

  • netsh advfirewall firewall add rule name = HTTP dir = in protocol = tcp action = allow localport = 80 remoteip = localsubnet profile = DOMAIN
  • netsh advfirewall firewall add rule name = HTTPS dir = in protocol = tcp action = allow localport = 443 remoteip = localsubnet profile = DOMAIN

Run this on each of the System Center Management Servers:

  • netsh advfirewall firewall add rule name = MgmtPort dir = in protocol = tcp action = allow localport = 5723 remoteip = localsubnet profile = DOMAIN
  • netsh advfirewall firewall add rule name = MgmtConsole dir = in protocol = tcp action = allow localport = 5724 remoteip = localsubnet profile = DOMAIN

When you are using SNMP Network Monitoring run the following commands System Center Management Servers:

  • netsh advfirewall firewall set rule name="Operations Manager Ping Response (Echo Response – ICMPv4 IN)" new enable=yes
  • netsh advfirewall firewall set rule name="Operations Manager SNMP Response" new enable=yes
  • netsh advfirewall firewall set rule name="Operations Manager SNMP Trap Listener" new enable=yes

More information on the "netsh advfirewall firewall" command, can be found here. If you want more information on the firewall ports take a look at the following technet article. This can be found here