To verify if it's MECM causing the issue, a test machine experiencing the symptoms had the client removed. Running netstat shows multiple connections on the system to itself (see image). The IPSec Policy Agent service did not start automatically on our client machines until we upgraded to v.2111. The MECM Client is doing some type of WMI queries and keeping the sessions open.
#OPEN EPHEMERAL PORTS WINDOWS#
You must also restart the Windows Management Instrumentation service. This didnt work with proxies and NATs so a passive mode was implemented that used the same connection that the client first used to transfer data. Restarting the IPSec Policy Agent service clears the ports however, the clients still cannot connect establish new connections. It had the server connect back to the client on the port the client gave for data transfer. The processes that are keeping the ports open are WMIPrvSE.exe and svchost.exe. Starting Nmap 6.40 ( ) at 12:05 PDT Nmap scan report for YuenX-DC1 (192.168.123.10) Host is up (0.00047s latency). The machines require a restart to purge the open sessions (or what is described in the next paragraph). After a period of time, our managed clients are running into the maximum number of ephemeral ports which is preventing the clients from communicating with MECM, AD, etc. This issue has started to pop up now, because it takes time for the maximum number of ephemeral ports to be reached. There seems to be some kind of change to the client that I'm unable to locate. We updated our MECM environment to 2111 last year.
0 kommentar(er)
