We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Attention

Starting May 1st, 2018, we will no longer offer the ArchiveOne family of products. This includes all editions of ArchiveOne, ArchiveOne for Files, Max Compression, and Access Security Manager. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support until your contract expires, or until May 1st, 2019, whichever occurs first. The license for ArchiveOne is perpetual; therefore the software may continue to be used independently without any updates or support indefinitely.

How to Configure the Firewall to Allow DCOM Connections

  • Last updated on

This article refers to the Barracuda ArchiveOne and Microsoft Windows Server 2008 and higher.

Windows Server 2008 introduced an improved version of the Windows Firewall as enabled and running by default. As part of that default configuration, DCOM connections to a Windows 2008 server are blocked. However, there are various scenarios where it would be advantageous to allow DCOM connections to that server, for example, Quick Link Client or ArchiveOne Admin console.

Step 1. Apply the Default Firewall Rule

Use the steps outlined in the Microsoft TechNet article Event ID 10006 - COM Remote Service Availability to apply the default firewall rule COM+ Network Access (DCOM In) to permit DCOM connections on TCP port 135.

Step 2. Configure RPC

Use the steps outlined in the Microsoft TechNet article How to configure RPC dynamic port allocation to work with firewalls to allow DCOM connections to the Server.

This limits the range of ports you need to open on the Windows Firewall. If you do not assign a static port, you must create a firewall rule permitting the entire dynamic range of ports:

  1. On the Archive server, open the Windows Firewall application from the Control Panel.
  2. Click Advanced Settings in the left pane.
  3. Right-click the Inbound Rules node, and click New Rule.
  4. The New Inbound Rule wizard opens. On the Rule Type page, select Custom, and then click Next.
  5. On the Program page, select All Programs, and click Next.
  6. On the Protocol and Ports page:
    1. Select TCP from the Protocol Type drop-down menu.
    2. Select RPC Dynamic Ports from the Local Port drop-down menu.
    3. Select Specific Ports from the Remote Port drop-down menu, and enter 1024-65535 in the associated field.
  7. Click Next.
  8. On the Scope page:
    1. Under Which local IP addresses does this rule apply to, select Any IP Address.
    2. Under Which remote IP addresses does this rule apply to?, select Any IP Address to allow all remote connections, or select These IP addresses and enter the specific IP address(es).
  9. Click Next.

    This is recommended if only one machine or a range of machines are going to connect via DCOM.

  10. On the Action plan, select Allow the connection, and click Next.
  11. On the Profile page, select only the Domain option, and then click Next.
  12. On the Name page, enter a name to identify the rule, for example, ArchiveOne incoming DCOM connections.
  13. Click Finish.
  14. Verify the rule is enabled.

 

Last updated on