SCCM firewall ports and network ports must be defined if you want to manage clients across multiple networks. Configuration Manager cannot properly manage clients if some ports have not been defined and opened to allow traffic to flow properly. Typical symptoms of failed network connectivity are clients stuck with an old Configuration Manager client and trouble patching and deploying software. Here is a copy of my cheat-sheet that I use (or send to the network technicians) to make sure all required traffic is let through.
Required SCCM Firewall Ports
These firewall ports are required for SCCM to properly manage clients. You need to specify these in your network / firewall to allow the traffic to pass, and they must be open on the SCCM servers' internal firewall as well.
These ports are optional and not required for Configuration Manager to manage clients. I still recommend to open them as they make the daily life of the SCCM administrator much easier.
445 TCP. Windows File Share. This together with Right Click Tools makes it very easy for you to connect to a client computer's local hard drive when you troubleshoot a client.
2701 TCP. Enable remote control from Configuration Manager Console.
3389 TCP. Enable Remote Assistance and Remote Desktop.
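One way to confirm that the three optional ports above are actually let through, as an added example (not the author's own tool). The client name is a constructed placeholder, and the function name `Test-TcpPort` and the 2-second timeout are assumptions of this example.

```powershell
# Added example: test the optional admin ports (445, 2701, 3389) against clients.
# 'CLIENT01.example.test' is a constructed placeholder; replace with real hosts.
$Clients = @('CLIENT01.example.test')

$Ports = @(
    @{ Port = 445;  Purpose = 'Windows File Share' }
    @{ Port = 2701; Purpose = 'Configuration Manager remote control' }
    @{ Port = 3389; Purpose = 'Remote Assistance / Remote Desktop' }
)

function Test-TcpPort {
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [Parameter(Mandatory)][int]$Port,
        [int]$TimeoutMs = 2000   # assumed timeout; raise it on slow WAN links
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $task = $client.ConnectAsync($ComputerName, $Port)
        # Wait() returns $false on timeout, which is what a firewall that
        # silently drops packets looks like from the sender's side.
        if (-not $task.Wait($TimeoutMs)) { return 'Timeout (dropped by a firewall?)' }
        return 'Open'
    }
    catch {
        # A refused connection or a DNS failure surfaces here; the host was
        # reachable (or not resolvable) but nothing accepted the connection.
        return 'Failed: ' + $_.Exception.GetBaseException().Message
    }
    finally {
        $client.Dispose()
    }
}

$results = foreach ($client in $Clients) {
    foreach ($entry in $Ports) {
        [pscustomobject]@{
            Computer = $client
            Port     = $entry.Port
            Purpose  = $entry.Purpose
            Result   = Test-TcpPort -ComputerName $client -Port $entry.Port
        }
    }
}
$results | Format-Table -AutoSize
```

Run it from the administrator workstation the firewall rule is written for and expect `Open` on all three rows. Running it from a network that should not reach these ports is a quick check that the rule is scoped to the admin source and not open to every subnet.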
Anders Rødland started his IT career in 2006. My main focus is MS Configuration Manager and client management, and I have passed 17 Microsoft certifications since then. My main expertise is on client management with Microsoft Endpoint Manager: Intune and Configuration Manager. I also do a lot of work on the security side with Microsoft Defender for Endpoint. In addition to my Microsoft certifications, I also have an ITIL v3 Foundation certification. This is my private blog and does not represent my employer. I use this to share information that I find useful. Sharing is caring.
Microsoft System Center Configuration Manager (SCCM) remote control uses TCP ports 2701 and 2702. Notes: Port numbers in computer networking represent communication endpoints. Ports are unsigned 16-bit integers (0-65535) that identify a specific process, or network service.
Firewall Ports Recommended and Required to Be Open
Port    Protocol
123     UDP

UDP is a part of the TCP/IP family of protocols used for data transfer. UDP is typically used for streaming media. UDP is a stateless protocol, which means it does not acknowledge that the packets being sent have been received.
Ports in your computer's firewall control whether or not a program can access or be accessed by your computer. Network ports exist on your network firewall and have the same function, except that opening or closing ports on the network firewall controls access for ALL devices on that network.
Does turning off Windows Firewall open all ports? Yes. But your modem/router where your internet comes in might be blocking them anyway. So turning off your Windows Firewall might not help.
This is a little tool I created for testing the required TCP ports on SCCM client systems. It will check that the required inbound ports are open and that the client can communicate to its management point, distribution point and software update point on the required ports.
By default, RPC dynamically allocates ports in the range of 1024 to 5000 for endpoints that do not specify a port on which to listen. This article uses the port range of 5001 to 5021.
Introduction: My name is Van Hayes, I am a thankful, friendly, smiling, calm, powerful, fine, enthusiastic person who loves writing and wants to share my knowledge and understanding with you.