Allow WMI through Windows Firewall for Endpoint Security

Document created by drossler Employee on May 9, 2017Last modified by jyamada on Jan 23, 2019
Version 15Show Document
  • View in full screen mode

After initiating a Client Push Install, one or more endpoints display the following error message:

RPC server is unavailable. Please allow WMI through Windows Firewall.



Your Group Policy's firewall does not meet the prerequisites needed for a Client Push Install. Windows Management Instrumentation (WMI) is not enabled on your firewall. Without Windows Management Instrumentation, Remote Procedure Call (RPC) cannot establish a connection between the endpoint and server.



Configure your Group Policy's firewall to meet the following prerequisites:

  • Open ports 135, 137, and 445
  • Enable Windows Management Instrumentation (WMI)
  • Enable Remote Procedure Call (RPC)


To see instructions for Windows Firewall, refer to the article Endpoint Security firewall prerequisites to deploy clients via Group Policy.


You can also use Command Prompt to configure the prerequisites above. Execute the commands below on each endpoint experiencing the error.


Windows XP, Vista, and 7

netsh firewall set service RemoteAdmin enable


Windows 8, 8.1, and 10

netsh advfirewall firewall set rule group="remote administration" new enable=yes
netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes


Additional information