How to reset IIS on a remote machine for Windows 2008
Please refer the following steps for firewall setting of IIS RPC:
1. RPC dynamic port range:
應用程式通訊協定 |
通訊協定 |
連接埠 |
RPC |
TCP |
135, 隨機連接埠號碼介於 1024 - 65535 135, 隨機連接埠號碼介於 49152 – 65535* |
*這是 Windows Server 2008 和 Windows Vista 中的範圍。
2. Steps of setting RPC dynamic port:
You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 computer by using the following netsh commands:
netsh int ipv4 show dynamicport tcp
You adjust this range by using the netsh command, as follows:
netsh int <ipv4|ipv6> set dynamic <tcp|udp> start=number num=range
This command sets the dynamic port range for TCP. The start port is number, and the total number of ports is range. The following are sample commands:
netsh int ipv4 set dynamicport tcp start=50000 num=1000
3. Steps of firewall (For Windows Server 2008 R2)
For Windows Server 2008
Here is the following command that helps you do this:
Type in the following where the range is specified in ( ) and the name of the firewall entry is in " ".
FOR /L %I IN (5000,1,5100) DO netsh firewall add portopening TCP %I "RPC PORTS"%I
Each port in the range will be added with an "OK" confirmation.
In my case I wanted to add ports from 5000 - 5100.
We can add or delete both TCP and UDP ports, to do this we need to make a slight change in the above command:
instead of TCP we need to specify UDP and instead of "add" specify "delete" .
Ref:
=====
Windows Server 系統的服務概觀和網路連接埠需求
https://support.microsoft.com/kb/832017/zh-tw
How to configure RPC to use certain ports and how to help secure those ports by using IPsec
https://support.microsoft.com/kb/908472/en-us
在 Windows Vista 和 Windows Server 2008 中,TCP/IP 的預設動態連接埠範圍已變更