Allow WMI through Windows Firewall

Document created by drossler Employee on May 9, 2017Last modified by asmith on Jan 24, 2018
Version 13Show Document
  • View in full screen mode

After initiating a Client Push Install, one or more endpoints display the following error message:

RPC server is unavailable. Please allow WMI through Windows Firewall.



Your Group Policy's firewall does not meet the prerequisites needed for a Client Push Install.  Windows Management Instrumentation (WMI) is not enabled on your firewall.  Without Windows Management Instrumentation, Remote Procedure Call (RPC) cannot establish a connection between the endpoint and server.



Configure your Group Policy's firewall to meet the following prerequisites:

  • Open ports 135, 137, and 445
  • Enable Windows Management Instrumentation (WMI)
  • Enable Remote Procedure Call (RPC)


To see instructions for Windows Firewall, refer to the article Firewall prerequisites to deploy clients via Group Policy.


You can also use Command Prompt to configure the prerequisites above.  Execute the commands below on each endpoint experiencing the error.


Windows XP, Vista, and 7

netsh firewall set service RemoteAdmin enable


Windows 8, 8.1, and 10

netsh advfirewall firewall set rule group="remote administration" new enable=yes
netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes


Additional information