Forum Discussion

Emortta's avatar
Emortta
Copper Contributor
Dec 22, 2022

connection error

Hello,

I'm having connection error win WAC on machines:

  • WAC and "CLIENT01.DOMAIN" are on different subnets.
  • WAC running on https://SERVER01.DOMAIN:666/
  • Using a Admin for connection.
  • Both Client and WAC are Domain Joined.

"Connection error

Connecting to remote server CLIENT01.DOMAIN failed with the following error message : WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM firewall exception for public profiles limits access to remote computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic."

I tried : 

from WAC 

 

Test-WSMan CLIENT01.DOMAIN
RESULT:
wsmid           : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor   : Microsoft Corporation
ProductVersion  : OS: 0.0.0 SP: 0.0 Stack: 3.0

 

and

 

Test-NetConnection -Port 5985 -ComputerName CLIENT01.DOMAIN -InformationLevel Detailed

ComputerName            : CLIENT01.DOMAIN
RemoteAddress           : XXX.XXX.XXX.XXX
RemotePort              : 5985
NameResolutionResults   : XXX.XXX.XXX.XXX
MatchingIPsecRules      :
NetworkIsolationContext : Private Network
InterfaceAlias          : Ethernet0
SourceAddress           : XXX.XXX.XXX.XXX
NetRoute (NextHop)      : XXX.XXX.XXX.XXX
TcpTestSucceeded        : True

 

 

CLIENT WINRM config:

 

 

winrm get winrm/config
Config
    MaxEnvelopeSizekb = 500
    MaxTimeoutms = 60000
    MaxBatchItems = 32000
    MaxProviderRequests = 4294967295
    Client
        NetworkDelayms = 5000
        URLPrefix = wsman
        AllowUnencrypted = false
        Auth
            Basic = true
            Digest = true
            Kerberos = true
            Negotiate = true
            Certificate = true
            CredSSP = false
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        TrustedHosts = TRUSTEDSERVER01.DOMAIN, TRUSTEDSERVER02.DOMAIN [Source="GPO"]
    Service
        RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
        MaxConcurrentOperations = 4294967295
        MaxConcurrentOperationsPerUser = 1500
        EnumerationTimeoutms = 240000
        MaxConnections = 300
        MaxPacketRetrievalTimeSeconds = 120
        AllowUnencrypted = false
        Auth
            Basic = false
            Kerberos = true
            Negotiate = true
            Certificate = false
            CredSSP = false
            CbtHardeningLevel = Relaxed
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        IPv4Filter = * [Source="GPO"]
        IPv6Filter = * [Source="GPO"]
        EnableCompatibilityHttpListener = false
        EnableCompatibilityHttpsListener = false
        CertificateThumbprint
        AllowRemoteAccess = true [Source="GPO"]
    Winrs
        AllowRemoteShellAccess = true
        IdleTimeout = 7200000
        MaxConcurrentUsers = 2147483647
        MaxShellRunTime = 2147483647
        MaxProcessesPerShell = 2147483647
        MaxMemoryPerShellMB = 2147483647
        MaxShellsPerUser = 2147483647

 

 

 

So I guess that the WAC service also should work . what I'm I missing?

 

 

 

/Martin

 

No RepliesBe the first to reply

Resources