Failover cluster module firewall port(s)

This topic contains 2 replies, has 2 voices, and was last updated by  pdx99 1 year, 1 month ago.

  • Author
  • #69016


    I am planning to manage multiple windows clusters from a mgmt system using the failover cluster module cmdlets on the mgmt system. The mgmt system is in a separate subnet from the clusters.

    Do the failover cluster module cmdlets (get-cluster, get-clusternode, etc) utilize wsman and TCP/5985 would be the only port needed to be opened on a physical firewall between the subnets? This assumes winrm is enabled and the winrm windows firewall rule enabled on the cluster nodes.


  • #69187

    Dakota Clark

    Based on errors I've seen in the past I believe the cluster cmdelts use RPC to communicate.

    Get-Cluster : Check the spelling of the cluster name. Otherwise, there might be a problem with your network. Make sure
    the cluster nodes are turned on and connected to the network or contact your network administrator.
        The RPC server is unavailable
    At line:1 char:1
    + Get-Cluster -Name Cluster1
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ConnectionError: (:) [Get-Cluster], ClusterCmdletException
        + FullyQualifiedErrorId : ClusterRpcConnection,Microsoft.FailoverClusters.PowerShell.GetClusterCommand

    In this case the "The RPC server is unavailable" is what leads me to my conclusion.

    • #69190


      Thanks for the reply. I believe you are right because – since posting this question – I set up a w2k8r2 cluster in a lab and without winrm enabled or the winrm fw rule enabled on the two cluster nodes, I was able to successfully run the cluster cmdlets from a remote system

You must be logged in to reply to this topic.