PowerShell TCP Ports

This topic contains 1 reply, has 2 voices, and was last updated by Dave Wyatt 1 year, 10 months ago.

  • #22193
    rambog cnonline.net
    Participant

    I understand that if I wanted to enter into a remote session with a target computer, port 5985 (for WS-Management) is the default. This will enable me to run commands like "Enter-PSSession" or "invoke-command". But what if I simply wanted to execute a command from the source machine like "get-service -ComputerName TargetMachineName", does that use the same TCP port 5985? In other words, do PowerShell cmdlets that have built-in remoting (à la the -ComputerName parameter) use port 5985? If not, what port(s) are being used?

  • #22202
    Dave Wyatt
    Moderator

    5985 (and 5986 for HTTPS) are the WS-Man ports used by PowerShell Remoting and the newer CIM cmdlets. Most other cmdlets that offer their own built-in remoting capabilities are going to be using older protocols such as RPC. These are much less firewall-friendly; there are several ports you need to open, including a dynamic range (though you can control this range and narrow it down by using some registry keys on the target system).

    Here are some of the common ports you might need to open for those older commands to work:

    137 UDP, 138 UDP, and 139 TCP (NetBIOS stuff)
    135 TCP (RPC Endpoint Mapper)
    445 TCP (SMB)
    5355 UDP (Link-Local Multicast Name Resolution)

    Dynamic RPC range. See http://support.microsoft.com/kb/154596 for a description of how to configure this range from its very large default.
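
Added example (not part of the thread or either poster's code): a PowerShell sketch that checks which of the TCP ports listed above a target accepts, then reads the service list through a CIM session pinned to WS-Man so only 5985 has to be open. The function names `Test-RemotingTransport` and `Get-RemoteServiceOverWsMan` are hypothetical, `TargetMachineName` is the placeholder from the question, and it assumes `Test-NetConnection` is available (Windows 8.1 / Server 2012 R2 or later).

```powershell
# Added example; function names are hypothetical, not from the thread.
function Test-RemotingTransport {
    param([Parameter(Mandatory)][string]$ComputerName)

    # TCP ports named in the answer. The UDP ports (137, 138, 5355) and the
    # dynamic RPC range cannot be verified with a plain TCP connect, so they
    # are not probed here.
    $tcpPorts = @(
        @{ Port = 5985; Purpose = 'WS-Man over HTTP (PS Remoting, CIM cmdlets)' }
        @{ Port = 5986; Purpose = 'WS-Man over HTTPS' }
        @{ Port = 135;  Purpose = 'RPC Endpoint Mapper' }
        @{ Port = 139;  Purpose = 'NetBIOS session service' }
        @{ Port = 445;  Purpose = 'SMB' }
    )

    foreach ($entry in $tcpPorts) {
        $result = Test-NetConnection -ComputerName $ComputerName `
            -Port $entry.Port -WarningAction SilentlyContinue
        [pscustomobject]@{
            ComputerName = $ComputerName
            Port         = $entry.Port
            Purpose      = $entry.Purpose
            Reachable    = $result.TcpTestSucceeded
        }
    }
}

function Get-RemoteServiceOverWsMan {
    param([Parameter(Mandatory)][string]$ComputerName)

    # Pin the CIM session to WS-Man explicitly so the query cannot fall back
    # to DCOM (RPC) and its endpoint-mapper plus dynamic port range.
    $option  = New-CimSessionOption -Protocol Wsman
    $session = New-CimSession -ComputerName $ComputerName -SessionOption $option
    try {
        Get-CimInstance -CimSession $session -ClassName Win32_Service |
            Select-Object Name, State, StartMode
    }
    finally {
        Remove-CimSession -CimSession $session
    }
}

# Usage ('TargetMachineName' is the placeholder name from the question):
# Test-RemotingTransport -ComputerName 'TargetMachineName' | Format-Table -AutoSize
# Get-RemoteServiceOverWsMan -ComputerName 'TargetMachineName'
```

If the second function works while 135, 139 and 445 report unreachable, the service query is travelling over WS-Man alone and the older RPC ports can stay closed for that task.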
