Virtualization, Hybrid Cloud , GCP, Azure, AWS, Vmware, Hyper-V, M365, Data Protection and Veeam: Site to Site DPM 2012 Replication Firewall Ports

Thursday, March 1, 2012

Site to Site DPM 2012 Replication Firewall Ports

Guy, anyone doing site to site DPM replication. Well, i have been playing around it since DPM 2010. Now i am testing Site to Site Replication using DPM 2012 and this round i’m not talking about step by step configuration. We will focus on the common question especially on firewall that exist in Site A and Site B. You are require to open certain ports in order for the replication to work.

Now, Microsoft Technet provide a good article on ports that you need to open in order for communication between DPM Server, Domain Controller, DPM Remote SQL Server and protected server. You can check the firewall port from here:- http://technet.microsoft.com/en-us/library/ff399341.aspx

One of the concern is the WMI and RPC dynamic port number which the range from TCP 1024 through 65535. So most security team will not allow you to open huge range of port number between site A and site B. Therefore below is the step by step that you can follow to configure fixed WMI port and set range of dynamic RPC port.

1. Configure WMI to use Fixed Port – TCP/24158

a) Open command prompt and type the following command

winmgmt -standalonehost
net stop "Windows Management Instrumentation"
net start "Windows Management Instrumentation"
netsh firewall add portopening TCP 24158 WMIFixedPort

To verify, open the Component Services from Administrative Tools. Expand My Computer | DCOM Config | Right click Windows Management Instrumentation and select EndPoint Tab. Select Connection oriented TCP/IP and select Properties