Please refer the following steps for firewall setting of IIS RPC:
1. RPC dynamic port range:
135, 隨機連接埠號碼介於 1024 - 65535 135, 隨機連接埠號碼介於 49152 – 65535*
*這是 Windows Server 2008 和 Windows Vista 中的範圍。
2. Steps of setting RPC dynamic port: You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 computer by using the following netsh commands: netsh int ipv4 show dynamicport tcp
You adjust this range by using the netsh command, as follows:
netsh int <ipv4|ipv6> set dynamic <tcp|udp> start=number num=range
This command sets the dynamic port range for TCP. The start port is number, and the total number of ports is range. The following are sample commands: netsh int ipv4 set dynamicport tcp start=50000 num=1000 3. Steps of firewall (For Windows Server 2008 R2)
For Windows Server 2008 Here is the following command that helps you do this:
Type in the following where the range is specified in ( ) and the name of the firewall entry is in " ".
FOR /L %I IN (5000,1,5100) DO netsh firewall add portopening TCP %I "RPC PORTS"%I
Each port in the range will be added with an "OK" confirmation.
In my case I wanted to add ports from 5000 - 5100.
We can add or delete both TCP and UDP ports, to do this we need to make a slight change in the above command:
instead of TCP we need to specify UDP and instead of "add" specify "delete" . Ref:
Windows Server 系統的服務概觀和網路連接埠需求
How to configure RPC to use certain ports and how to help secure those ports by using IPsec
在 Windows Vista 和 Windows Server 2008 中，TCP/IP 的預設動態連接埠範圍已變更