The Firewall Port Reference guide states we must open "port 135 and others" on a firewall to enable discovery.
I often get questions about what this means. It would be helpful to have clearer documentation. First, is this TCP only or is it TCP/UDP? Second, what others? Is this just the dynamic DCOM port range?
If it is the dynamic DCOM port range, and we limit as follows:
- Open regedt32.exe
- Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc
- If there is no subkey titled "Internet", create one.
- Inside the Internet key, create a REG_MULTI_SZ value named "Ports". Each line of the Ports value should specify a range of ports available to DCOM. For this example, add a single line that reads "3000-3100".
- Add a new REG_SZ value named "PortsInternetAvailable", set it to "Y"
- Add a new REG_SZ value named "UseInternetPorts", set it to "Y"
Then does the description basically mean "port 135 and 3000-3100"?
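The registry steps listed in the post, scripted as an added example (not part of the original post and not from the guide it mentions). The function name `Set-RpcDynamicPortRange` and its parameter are hypothetical; the key and value names are the ones given in the steps, and the script assumes an elevated PowerShell session.

```powershell
# Added example: applies the Rpc\Internet registry steps from the post.
# Set-RpcDynamicPortRange is an illustrative name, not a built-in cmdlet.
function Set-RpcDynamicPortRange {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # One entry per line of the Ports value, e.g. '3000-3100'
        [Parameter(Mandatory)]
        [string[]]$PortRange
    )

    # Validate every entry before touching the registry.
    foreach ($r in $PortRange) {
        if ($r -notmatch '^(\d{1,5})(?:-(\d{1,5}))?$') {
            throw "Invalid port range '$r'"
        }
        $low  = [int]$Matches[1]
        $high = if ($Matches[2]) { [int]$Matches[2] } else { $low }
        if ($low -lt 1 -or $high -gt 65535 -or $low -gt $high) {
            throw "Port range '$r' is out of bounds or reversed"
        }
    }

    $key = 'HKLM:\SOFTWARE\Microsoft\Rpc\Internet'
    if ($PSCmdlet.ShouldProcess($key, "Restrict DCOM ports to $($PortRange -join ', ')")) {
        # Create the "Internet" subkey if it does not exist.
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }

        # Ports is REG_MULTI_SZ; the two flags are REG_SZ set to "Y".
        New-ItemProperty -Path $key -Name 'Ports' -PropertyType MultiString `
            -Value $PortRange -Force | Out-Null
        New-ItemProperty -Path $key -Name 'PortsInternetAvailable' `
            -PropertyType String -Value 'Y' -Force | Out-Null
        New-ItemProperty -Path $key -Name 'UseInternetPorts' `
            -PropertyType String -Value 'Y' -Force | Out-Null
    }

    # Read back what is actually stored so the change can be confirmed.
    Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
        Select-Object Ports, PortsInternetAvailable, UseInternetPorts
}

# Dry run with the range used in the post; remove -WhatIf to apply.
Set-RpcDynamicPortRange -PortRange '3000-3100' -WhatIf
```

The new range is only picked up after the machine is restarted.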