Port issues between Batchpatch server and servers

[jdibona110]

Having an issue I haven’t been able to fix? I keep getting the “Error: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)” when trying to apply patches to machines. The windows firewall is disabled on all machines and I have opened up TCP ports 445, 135, 139 and UDP ports 135, 137, 138. If you allow all traffic on the firewall everything works fine. What port(s) and I missing?

Thank you in advance!

[jdibona110]

When I say I have opened up those TCP and UDP ports, I meant the Batchpatch server and other servers are on different subnets so the firewall between them is allowing those ports on both sides.

[doug]

Opening those ports is not sufficient. WMI, which is one of the protocols used by BatchPatch, relies on dynamic port configuration for its connections, which means that the actual ports used for a given connection are established on-the-fly at the time of connection. Each connection will end up using different ports. You would additionally need to modify your network/hardware firewall to enable/allow DCE/RPC. More info here:

BatchPatch Port Requirements

-Doug

[jdibona110]

I ran across that article before. Thanks for forwarding, but was wondering if you could help a little more.

[jdibona110]

I’m just not familiar with DCE and was wondering if you knew more about it and what is involved in allowing it.

I do appreciate your time.

[doug]

I would suggest starting with these pages:

https://en.wikipedia.org/wiki/DCE/RPC

http://wiki.wireshark.org/DCE/RPC

[jdibona110]

Thank you Doug.

[Author]

Posts