- About LogicMonitor
- AIOps
- Alerts
- Certification
- Cloud Monitoring
- Collectors
- Dashboards and Widgets
- Devices
- Getting Started
- LM Service Insight
- LogicModules
- Mobile
- Monitoring
- Backup and Recovery Systems
- Cloud Resources
- Containers
- Networking & Firewalls
- Fortinet FortiWLC Monitoring
- Fortinet FortiWeb Monitoring
- Fortinet FortiSwitch Monitoring
- Fortinet FortiManager Monitoring
- Fortinet FortiMail Monitoring
- Fortinet FortiAuthenticator Monitoring
- Fortinet FortiADC Monitoring
- Ruckus ZoneDirector Monitoring
- Cisco VoIP Monitoring
- Cisco UCS Monitoring
- Cisco Wireless Monitoring
- Brocade Application Delivery Controllers
- Checkpoint Firewalls
- Cisco APIC Monitoring
- Cisco ASA/ASR
- Cisco Device SNMP and NTP Configuration
- Cisco Firepower Chassis Manager Monitoring
- Cisco SD-WAN Monitoring
- Cisco IP SLA Monitoring
- Citrix NetScalers
- Dell Switch Monitoring
- F5 BIG-IP Monitoring
- Fortinet FortiGate Monitoring
- Infoblox Monitoring
- Interface Status alerting and Bandwidth Utilization
- Juniper SRX
- Kemp LoadMaster Load Balancers
- Cisco Meraki Monitoring
- NetFlow Monitoring
- Netscreen
- Palo Alto Firewall Monitoring
- pfSense Firewalls
- Sonicwall Firewalls
- Operating Systems & Virtualization
- Linux (via SSH) Monitoring
- VMware Horizon Monitoring
- AIX
- Citrix XenServer Monitoring
- Citrix XenApp/XenDesktop Monitoring
- ESXi Servers and vCenter/vSphere Monitoring
- FreeBSD
- Linux Disk Performance
- Linux File Systems reporting more than 100% usage
- Linux Inodes
- Linux Interface Bandwidth Utilization
- Linux NFS Server
- Monitoring a Domain Controller (DC)
- Monitoring Remote Linux Files
- NTP Configuration
- NTP Monitoring
- Nutanix HyperConverged Infrastructure
- SNMP v1/v2 Configuration
- SNMPv3 Configuration
- Solaris Monitoring
- Troubleshooting Perfmon Access
- Troubleshooting SNMP
- Troubleshooting WMI
- VMware vCenter Server Appliance (VCSA) Monitoring
- Windows Cluster Monitoring
- Windows Firewall Issues
- Windows Server 2000
- Windows XP
- Applications & Databases
- Atlassian Statuspage (statuspage.io) Monitoring
- Microsoft Office 365 Monitoring
- OpenMetrics Monitoring
- Zoom Monitoring
- Windows Server Failover Cluster (on SQL Server) Monitoring
- Slack Status Monitoring
- Unomaly Monitoring
- Apache Monitoring
- Cassandra Monitoring
- ConnectWise Monitoring
- Email Service Monitoring
- Java Applications
- JIRA
- Kafka
- Lighttpd Monitoring
- Microsoft Exchange Monitoring
- Microsoft SQL Server Monitoring
- MongoDB Monitoring
- MySQL Monitoring
- Nginx Monitoring
- Oracle Monitoring
- Pick & D3
- Postfix Monitoring
- PostgreSQL Monitoring
- RabbitMQ Monitoring
- Redis Monitoring
- SumoLogic
- Tomcat
- Twilio Monitoring
- Varnish HTTP Accelerator
- Couchbase Server Monitoring
- Server & Operations Hardware
- Storage Systems
- Cisco HyperFlex Monitoring
- Dell SC Monitoring
- Apache Hadoop Monitoring
- EMC ECS
- EMC Isilon Monitoring
- EMC Unity Monitoring
- EMC VMAX
- EMC VNX/Clariion SAN
- EMC VNXe
- EMC VPLEX
- EMC XtremIO Monitoring
- HPE 3PAR Storage
- HP MSA / StorageWorks / P2000 Monitoring
- HP P4000/Lefthand SANs
- NetApp E/EF-Series Monitoring
- NetApp Monitoring
- Nimble Storage
- Panzura Cloud Storage
- Pure Storage Monitoring
- Quantum Small Tape Libraries
- VMware vSAN Monitoring
- Reports
- Rest API Developers Guide
- RPC API Developers Guide - Deprecated
- Servicenow CMDB Integration
- Settings
- Terminology and Syntax
- Websites
Windows Firewall Issues
Configuring Windows Firewall to Allow Remote WMI
When obtaining data from a remote computer, WMI must establish a DCOM connection. If a Windows firewall is running with default settings, it will not allow this connection. To allow remote WMI through the firewall, on the computer to be monitored, perform one of the sets of steps outlined next.
Using the Command-Line Shell
To allow remote WMI through the firewall using the command-line shell:
- Enter one of the following commands, depending upon your Windows version:
netsh firewall set service RemoteAdmin enablenetsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
Using the Group Policy Editor
To allow remote WMI through the firewall using the Group Policy editor, perform the following steps to enable “Allow Remote Administration” on the computer to be monitored:
- Under the Local Computer Policy heading, double-click Computer Configuration.
- Double-click Administrative Templates, Network, Network Connections, and then Windows Firewall.
- If the computer is in the domain, then double-click Domain Profile; otherwise, double-click Standard Profile.
- Click Windows Firewall: Allow remote administration exception.
- On the Action menu, select Properties.
- Click Enable, and then click OK.
- See Connecting Through Windows Firewall
Connecting Through External Firewalls
In the monitoring industry, it is typically not recommended to connect to a remote Windows computer through an external firewall via WMI. Rather, if you have different security zones in your network that are separated by firewalls or NAT devices, and no host is excluded from these restrictions, then simply install multiple Collectors—one on each side of the firewall or NAT devices—to monitor hosts in those zones appropriately.
The reason it is not recommended to connect through external firewalls is because it requires that hosts then be configured to restrict to a port range. In addition to creating an administrative burden, this customization can lead to port exhaustion if other applications rely on WMI but available ports are restricted, which can then subsequently prevent those applications or even LogicMonitor from referencing or collecting data. In addition, because customizations are in place, LogicMonitor’s ability to provide troubleshooting support may be limited if issues arise.
With that said, if you wish to try monitoring Windows hosts from a Collector that is firewalled from them, you must ensure that DCOM works, and that no NAT is being performed. While it can be done, you are accepting some risks as this configuration could present many No Data alerts and possibly result in poor monitoring reliability.
In this Article: