WMI queries use the Microsoft Remote Procedure Call (RPC) network protocol, which accesses dynamically assigned ports on the server side. This protocol is firewall-unfriendly.
To avoid firewall trouble, VMware, Inc. recommends that you deploy the Server Manager or the WMI proxy in the same network as the hosts it will manage, without a firewall between them.
If there must be a firewall between the Server Manager and the managed hosts, configure the hosts to allow RPC traffic. This is done in two stages:
-
Configure the managed hosts to use a narrow range of dynamic ports for their RPC. For further information, you can access one of the following URLs:
http://msdn2.microsoft.com/en-us/library/ms809327 http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndcom/html/msdn_dcomfirewall.asp
-
In the firewall settings, open TCP port 135 (the RPC Service Control Manager port), in addition to the full range of RPC ports specified in stage 1, for access by the Server Manager.