Many server applications and remote administration use Remote Procedure Call dynamic port allocation. Even though dynamic, it’s essential they follow a range rule as the customers or client machines can make sure the Firewall does not block these ports or ranges. In this guide, I will share how you can configure RPC dynamic port through Firewall via Registry entries.
Configure RPC dynamic port through Firewall via Registry
When selecting a range for RPC dynamic port make sure Windows and major Microsoft products do not use these ports. Since we are going to modify the Registry, make sure to create a system restore point, take a backup of the Registry. Then, you can restore the registry if a problem occurs.
Type regedit in the Run prompt, and hit Enter. It will open the Registry editor. Now navigate to:
HKEY_LOCAL_MACHINESoftwareMicrosoftRpc
Right click on RPC, and create a new KEY (folder) “Internet,” followed by the specified data types:
- Name: Ports | Type: Multi-String Value (REG_MULTI_SZ)
- Name: PortsInternetAvailable | Type: String (REG_SZ)
- Name: UseInternetPorts | Type: String(REG_SZ)
Close REGEDIT.
What do these RPC Registry keys mean?
- Ports: You can choose to define one single port or range of ports, e.g., 200 or 200-300
- PortsInternetAvailable: You should either add Y or N here. If Y, the ports available in the Ports key are all the Internet-available ports on that computer. If N, then all those ports that are not Internet-available.
- UseInternetPorts: Same as above, Y means the processes using the default will be assigned ports from the set of Internet-available ports, as defined previously. While N means they are intranet-only ports.
Always remember that when you have a server which is high on traffic, the availability of the ports might be tough. When setting up a range, still consider this. The Endpoint Mapper Service register these ports. If they are not registered, you may receive a configuration error – 87 (0x57) ERROR_INVALID_PARAMETER.
Post this, make sure that everything is working fine. Then add these ports to the client Firewall settings, so they are not blocked.
Its easy to configure RPC dynamic port, and they make sure these ports are clear from Firewall restriction. That way client machines will not have any problem connecting to server and applications.