This tutorial will walk you through changing the ports that are used by your computer to connect to WinRm services. You might want to change these settings if you encounter a problem with CIFS or other homegroup-related files and folders, which is where Windows keeps its list of computers on your network.
The “winrm ports firewall” is a command-line tool that allows users to change the default ports for WinRm. The ports are used by Windows Remote Management.
When controlling remote Windows systems, WinRM and PowerShell Remoting is a must-have capability. WinRM, like other services, listens on specified ports under certain conditions. Learn about the WinRM ports in this lesson, as well as how to alter them if necessary.
The Ultimate Guide to PowerShell Remoting
The WinRM Listener is a piece of software that allows you to listen to
One of the most important parts of WInRM (and the ports it runs on) is The WinRM Listener is a piece of software that allows you to listen to.
The WinRM Listener is a piece of software that allows you to listen to is a web server at its core. It communicates with HTTP and HTTPS and back in the pre-Windows 7 days it even used to default to the same port 80 and port 443 that most web servers use.
Like a conventional web server, the listener runs as a service on your computer and waits for connections to try to be created.
A WinRm listener has two options for listening: HTTP or HTTPS. By default, the WinRM port for HTTP is 5985, while the WinRM port for HTTPS is 5986.
- 5985 is the HTTP port.
- 5986 is the HTTPS port.
The Ultimate Guide to PowerShell Remoting
Connecting to the Wrong Ports Causes Errors
Even if you provide the port like this, if you do not add the firewall rule while changing the port, you will see the same error.
WinRM Ports Can Be Changed
You may modify the default listening ports, which Microsoft recommends for compatibility and convenience of usage. When there is a conflict with the default ports or a firewall restriction prohibiting the usage of certain ports, this might be useful.
Perhaps you have a machine setup to connect to WinRM through custom ports. You get the following problem notice when you attempt to connect normally:
Connection to WinRM failed due to a misconfigured port.
If this is the case, it’s time to update the WinRM port on the server!
To update the WinRm ports, you must first determine whether or not a service is currently listening on those ports.
Identifying Existing Connections
The netstat utility is the simplest method to find out what ports are in use on a Windows computer. Netstat analyzes your system for all active ports and, if any are found, gives the source and destination IP and port.
Run netstat -aon to find out which ports are listening before modifying WinRm postings. The -aon switches are as follows:
- list all connections that are active (a)
- reveal the process ID for the connection-opening procedure (o)
- No effort should be made to resolve any DNS names of destination IPs (n)
To discover listening connections, run netstat.
If a web server is listening on port 80, for example, the Local Address column will show a line with the local address ending in:80. The PID, or process ID, used by the connection is shown in this row.
Once you have the PID, you can use it to determine the process name using the Get-Process PowerShell cmdlet, for example.
To get the name of a process, use Get-Process.
Although, as you can see from the screenshot above, the process name in this instance is just System. This indicates that the process is tightly interwoven with the operating system and is most likely incorporated into Windows.
Ports for WinRM Compatibility
Compatibility ports are a feature of WinRM. Compatibility ports exist to provide backward compatibility with outdated systems that only use ports 80 and 443 for HTTP and HTTPS, respectively. Enable the compatibility listeners if you require WinRm to listen on these ports.
Set the WSMan listeners to utilize the compatible ports after you’re sure there’s nothing else operating on ports 80 and 443. (80 for HTTP and 443 for HTTPS).
WSMan:localhostServiceEnableCompatibilityHttpListener -Value $true Set-Item WSMan:localhostServiceEnableCompatibilityHttpListener WSMan:localhostServiceEnableCompatibilityHttpsListener -Value $true Set-Item WSMan:localhostServiceEnableCompatibilityHttpsListener
WinRM is configured to listen on any port.
If you require WinRM to listen on a non-standard port for whatever reason, you may do it as well. To do so, follow these steps:
- Find the listener name. You can do this by enumerating all of The WinRM Listener is a piece of software that allows you to listen tos with the Get-Item cmdlet. The command below is listing all (*) of the listeners currently installed.
WSMan:localhostListener* Get-Item
Obtaining all WinRm listeners currently in use
2. Configure each listener using Set-Item, supplying the path of the listener and the port number to change it to, using the above-mentioned listener name.
WSMan:localhostListenerPort -Value Set-Item
3. At this point, The WinRM Listener is a piece of software that allows you to listen tos are listening on the correct ports, the Windows Firewall is probably rejecting any remote connections to those ports. You need to open those ports. To do so, run the following command. The New-NetFirewallRule below is creating a Windows Firewall rule to allow all inbound TCP connections to a custom port.
@ $FirewallParam $FirewallParam $FirewallParam $Firewall Direction = ‘Inbound’ DisplayName = ‘Custom WinRM Port Rule’ Protocol = ‘TCP’ Action = ‘Allow’ Program = ‘System’ LocalPort = Protocol = ‘TCP’ Action = ‘Allow’ Program = ‘System’ New @FirewallParam -NetFirewallRule
Disable Windows Firewall in a Variety of Ways (Related)
When attempting to connect, you’ll see a notice like this if you haven’t opened the proper Windows Firewall port:
Due to the Windows firewall, the WinRM connection failed.
PSRemoting Connection to a Custom Port
You must now try connecting with the WinRM client after successfully setting up and configuring WinRM on the WinRM server. To do so, you’ll need to provide one more parameter: port.
To achieve a successful connection, supply the Port argument and the port set up using any of the PSRemoting commands, such as Invoke-Command or Enter-PSSession.
Enter-PSSession -ComputerName <hostname> -Port 1111
Connection to WinRm was successful.
Related: The Best Way to Run Remote Code with Invoke-Command
The “winrm port number” is a command-line tool that allows users to change the default WinRm ports. The default WinRm ports can be changed by using the “winrm port”.
Frequently Asked Questions
What ports are used by WinRM?
A: Out of the box WinRM uses 5 ports by default. These are Port 25 (default SMTP port), Port 80 (HTTP/HTTPS), and 3,6,7 for SSH which can be changed using Control Panel > Services in Windows 10 or PowerShell commands.
How do I change the WinRM configuration?
A: WinRM is Microsofts Remote Management service. It allows you to manage remote computers on your network, even if they arent running Windows 10 or Server 2019. There are several parameters that can be changed in the configuration file so it doesnt have to do anything too complicated for a beginner like this!
How do I find the WinRM port?
A: This is a Windows system question and cannot be answered by me.
Related Tags
- how to check winrm port is enabled
- allow remote server management through winrm
- how to check winrm is enabled or not
- winrm port 5986 not listening
- winrm commands
