MSDTC and firewall

firewall msdtc
Balaji picture Balaji · Sep 18, 2009 · Viewed 24.1k times · Source

We are using MSDTC for SQL transactions. I am having issue with setting up firewall for MSDTC to work. The application and SQL are running on separate machine. Currently MSDTC is working if i turn off firewall on application server. I think there should be someway to add exception to the firewall setting for some ports. So that firewall can still be ON and DTC will not have any issues. I am not sure of the ports to add in firewall setting (I did try adding port 135 with no success)

Answer

Matt Wrock picture Matt Wrock · Sep 18, 2009

Have your Firewall allow port 135 and the dcom port range. By default, the dcom port range is 1024-65535. Thats a big range to open up. You can limit this range in the registry or using dcomcnfg. This post describes this:

http://blogs.msdn.com/distributedservices/archive/2008/11/12/troubleshooting-msdtc-issues-with-the-dtcping-tool.aspx

Related questions

MSDTC - how many ports are needed

I have a considerably large application that uses MSDTC. How many ports should I open? Is there any way to determine it? EDIT: I know what ports I need to open, I don't know how many I need.

Read More
Open firewall port on CentOS 7

I am using CentOS 7 and I have to ensure that ports 2888 and 3888 are open. I read this article but this did not work because on CentOS 7 OS there is no iptables save command. Someone told me that the above URL …

Read More
How can I remove specific rules from iptables?

I am hosting special HTTP and HTTPS services on the ports 8006 and 8007 respectively. I use iptables to "activate" the server; i.e. to route the incoming HTTP and HTTPS ports: iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT …

Read More