How to audit servers located in another subnet behind firewall
Netwrix Auditor for Windows Servers (NetWrix Server Configuration Change Reporter in 6.5 or older) does not work with systems on different subnets. The following errors appear:
- <server> : Error during agent operation on server <server>. Cannot open Service Control Manager on computer '<server>'. This operation might require other privileges. Additional information: The RPC server is unavailable.
- <server> : Error during agent operation on server <server>. The RPC server is unavailable. (Exception from HRESULT: 0x800706BA). Additional information: none.
- <server> : Error during agent operation on server <server>. Check if .Net Framework is installed error. Additional information: none.
These errors occur when one of the required ports is blocked by a firewall.
Resolution
To resolve the issue, make sure the following ports are open:
- TCP 135 and TCP 445 are open both ways.
- The dynamic RPC port range is open from the server where Netwrix Auditor is installed to the monitored server. The product uses these ports to connect to the monitored servers and launch the agent services. You can open the ports in two ways:
  - Open the following TCP port range on your firewall:
    - for Windows Vista/7/2008: 49152-65535
    - for Windows XP/2003: 1024-5000
  - Alternatively, you can configure a custom dynamic RPC port range on the managed server. For example, you can configure ports 50000-50200 and open these ports in your firewall. For detailed instructions, please refer to the following Microsoft KB article: http://support.microsoft.com/kb/154596
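The custom-range option above can be scripted as follows. This is an added example, not Netwrix or Microsoft code: the function names, the rule name and the `$AuditorIp` parameter are assumptions, the registry values are the ones described in KB 154596, and `netsh advfirewall` assumes Windows Vista/2008 or later with the host firewall in use.

```powershell
# Added example. Function names, rule name and $AuditorIp are assumptions.
function Set-RpcPortRange {
    # Run elevated on the MONITORED server.
    param(
        [string]$Range = '50000-50200',
        [Parameter(Mandatory=$true)][string]$AuditorIp,  # Netwrix Auditor host address
        [string]$RuleName = 'RpcDynamicRange-Auditor'    # hypothetical rule name
    )
    # Registry values documented in KB 154596.
    $key = 'HKLM:\SOFTWARE\Microsoft\Rpc\Internet'
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    New-ItemProperty -Path $key -Name Ports -PropertyType MultiString `
        -Value @($Range) -Force | Out-Null
    New-ItemProperty -Path $key -Name PortsInternetAvailable -PropertyType String `
        -Value 'Y' -Force | Out-Null
    New-ItemProperty -Path $key -Name UseInternetPorts -PropertyType String `
        -Value 'Y' -Force | Out-Null

    # Host firewall: accept the range only from the auditing server,
    # not from every address on the network.
    netsh advfirewall firewall add rule "name=$RuleName" dir=in action=allow `
        protocol=TCP "localport=$Range" "remoteip=$AuditorIp" | Out-Null
    Write-Warning 'Restart the server for the new RPC port range to take effect.'
}

function Test-AuditPorts {
    # Run on the Netwrix Auditor host. Checks the auditor -> server direction only.
    # Only the fixed listeners are probed: a dynamic RPC port answers only
    # while a service is bound to it, so a closed result there proves nothing.
    param(
        [Parameter(Mandatory=$true)][string]$Server,
        [int[]]$Ports = @(135, 445),
        [int]$TimeoutMs = 3000
    )
    foreach ($port in $Ports) {
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            $async = $client.BeginConnect($Server, $port, $null, $null)
            $open  = $async.AsyncWaitHandle.WaitOne($TimeoutMs) -and $client.Connected
        } catch { $open = $false } finally { $client.Close() }
        New-Object psobject -Property @{ Server = $Server; Port = $port; Open = $open }
    }
}
```

Scoping the rule to the auditor's address keeps the 201-port range from being reachable by other hosts; the same source restriction applies to the rule on the network firewall between the subnets.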