Administering the server remotely

Applies To: Windows Server 2008, Windows Server 2008 R2

Application Protocol Protocol Port Description

HTTP

TCP

8080 (In/Out)

The Windows Media server uses this TCP port to communicate with Windows Media Services Administrator for the Web by using HTTP.

HTTPS

TCP

443 (In/Out)

The Windows Media server uses this TCP port to communicate with Windows Media Services Administrator for the Web by using HTTP over Secure Sockets Layer (HTTPS).

RPC

TCP

135 (In)

The Windows Media server uses this TCP port to accept the incoming remote connection to the Service Control Manager (SCM), which provides RPC-based services for Distributed Component Object Model (DCOM).

RPC

UDP

135 (In/Out)

The Windows Media server uses this UDP port for communication between the remote computer and the SCM.

DCOM

TCP

49152-65535 (In)

DCOM dynamically allocates one TCP port per process within this port range. You can customize the port range by creating a registry key. For more information, see How to configure RPC dynamic port allocation to work with firewalls.

DCOM

UDP

49152-65535 (In/Out)

DCOM dynamically allocates one TCP port per process within this port range. You can customize the port range by creating a registry key. For more information, see How to configure RPC dynamic port allocation to work with firewalls.

SNMP

UDP

161 (In/Out)

Allows remote administration and monitoring using Simple Network Management Protocol (SNMP).

SMB

TCP

445 (In/Out)

Allows remote administration and monitoring using Windows Management Instrumentation (WMI).

You can administer a Windows Media server behind a firewall by using the following interfaces:

  • Windows Media Services Administrator for the Web. This interface makes remote administration of your server easy through the use of a Web browser. Using a Web interface allows you to administer Windows Media Services over a firewall, on a low-bandwidth network connection, or in a non-Windows environment. You connect Windows Media Services Administrator for the Web from a remote location to the Web services running on the Windows Media server by using HTTP over port 8080, which is not blocked by most firewalls. For example, you might use the URL https://server:8080/default.asp.

  • Windows Media Services snap-in. This interface enables you to use Microsoft Management Console (MMC) on a remote computer to manage your Windows Media server. For more information about how to install the MMC snap-in for Windows Media Services 2008, see the Release Notes for Windows Media Services 2008.

Both administrative interfaces require that you have access permission to the Windows Media Services service through DCOM. To enable access, you must open the TCP In and UDP In/Out ports in the firewall for RPC endpoint mapping and DCOM. By default, DCOM is free to use any port between 49152 and 65535 when it dynamically selects a port for an application. To create a higher level of security, you can configure a registry key that restricts the range of ports that DCOM will use to assign to applications. For more information, see How to configure RPC dynamic port allocation to work with firewalls.

Note

If you use a network management console, you can receive events through SNMP and Windows Management Instrumentation (WMI). With these events, you can keep apprised of server activity and react quickly to situations as they arise. To enable receipt of SNMP and WMI events, you must open UDP port 161 and TCP port 445 in your firewall. Note that remote connections in WMI are affected by Windows Firewall and DCOM settings. In Windows Vista and later operating systems, User Account Control (UAC) may also require changes to some settings. For more information, see Connecting to WMI Remotely Starting with Vista.