What Firewall Rules for Audit Collection Service in SCOM 2012

Question

What Firewall Ports or Rules do I have to Configure, to enable the Forwarders to Connect to the ACS Collector?

When the Firewall on Collector is enabled, no Forwarder can connect to the Collector, When the Firewall on Collector is disabled, the Forwarders cannot connect to the Collector.

The Event View displays events saying: Audit Forwarder connceted on Port: 51408 the next server is connecting on Port 19904

Is it possible to set static Ports?

Im Using Windows Server 2012R2 on all Servers, Im Using System Center Operations Manager 2012,

Are the forwarder and collector in the same domain? – Clayton Feb 05 '15 at 14:01 — Clayton, Feb 05 '15 at 14:01
yes, the are in the same domain – Joel Feb 06 '15 at 09:54 — Joel, Feb 06 '15 at 09:54

score 2 · Accepted Answer · answered Feb 05 '15 at 10:47

2

What Microsoft says - Because of the limited communication between an ACS forwarder and an ACS collector you only need to open the inbound TCP port 51909 on a firewall to enable an ACS forwarder, separated from your network by a firewall, to reach the ACS collector.

You can check if default port is not changed from 51909:

On the ACS Collector server run regedit
Go to HKLM\System\CurrentControlSet\Services\AdtServer\Parameters
Check key named AdtAgentPort and its value (should be 51909)

answered Feb 05 '15 at 10:47

Yan Skursky

336
1
3

default port has not changed. Firewall port `51909` open now on collector. Still no connection. Also Im getting errors(id: 4680 and id: 4618). The Collector cannot connect to the database. Im `not getting` those errors, if the firewall `allows all inbound ports` on collector server. – Joel Feb 05 '15 at 12:00
1

well, after opening those ports, i did a reboot of the collector machine. this solved my issue. – Joel Feb 05 '15 at 12:10

What Firewall Rules for Audit Collection Service in SCOM 2012

1 Answers1