KB1142 - Opening WMI if Firewall is Enabled

Issue
WM Software products communicate with remote client computers in various ways. If your company requires Windows Firewall to be enabled, Windows Management Instrumentation (WMI) must be allowed through the firewall.

If this is your situation, please continue reading.


Cause
WMI relies on Distributed COM (DCOM) to communicate between computers. DCOM uses TCP port 135 for the initial connection, followed by dynamically assigned RPC ports (49152-65535). If these ports are blocked, WMI queries will fail.

Some WM Software products can use port 21801. See KB article KB1139.

Solution
For some WM Software products, you can allow TCP port 21801 through the firewall on both the client and the server.

Alternatively, you can allow WMI through the firewall with the following commands run on the client:

netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
netsh advfirewall firewall add rule name="DCOM" dir=in action=allow protocol=TCP localport=135
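
The same two firewall changes limited to a single management server, as an added PowerShell example that is not part of the original KB article. The address 192.0.2.10 is a constructed placeholder for the server running the WM Software product; run the script on the client from an elevated PowerShell session.

```powershell
#Requires -RunAsAdministrator
# Added example: open WMI/DCOM only to one management server and verify the result.
# $MgmtServer is a constructed placeholder; replace it with your server's address.
$MgmtServer = '192.0.2.10'
$WmiGroup   = 'Windows Management Instrumentation (WMI)'
$DcomRule   = 'DCOM'   # same rule name the article's netsh command creates

# 1. Enable the built-in WMI rule group (equivalent to the first netsh command),
#    then restrict its inbound rules to the management server.
Enable-NetFirewallRule -DisplayGroup $WmiGroup
Get-NetFirewallRule -DisplayGroup $WmiGroup |
    Where-Object { $_.Direction -eq 'Inbound' } |
    Set-NetFirewallRule -RemoteAddress $MgmtServer

# 2. Create the TCP 135 rule, or tighten it if the netsh command was already run.
$existing = Get-NetFirewallRule -DisplayName $DcomRule -ErrorAction SilentlyContinue
if ($existing) {
    $existing | Set-NetFirewallRule -RemoteAddress $MgmtServer
} else {
    New-NetFirewallRule -DisplayName $DcomRule -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort 135 -RemoteAddress $MgmtServer | Out-Null
}

# 3. Report every enabled inbound rule touched above with its port and source scope.
$rules = @(Get-NetFirewallRule -DisplayGroup $WmiGroup) +
         @(Get-NetFirewallRule -DisplayName $DcomRule)
$report = $rules |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' } |
    ForEach-Object {
        $addr = $_ | Get-NetFirewallAddressFilter
        $port = $_ | Get-NetFirewallPortFilter
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Protocol      = $port.Protocol
            LocalPort     = $port.LocalPort -join ','
            RemoteAddress = $addr.RemoteAddress -join ','
        }
    }
$report | Format-Table -AutoSize

# 4. Flag any rule that still accepts connections from every source address.
$open = $report | Where-Object { $_.RemoteAddress -eq 'Any' }
if ($open) {
    Write-Warning ("Rules still open to any source: " + ($open.Rule -join '; '))
}
```

If the firewall rules are delivered by Group Policy, make the equivalent scope change in the policy instead, since local edits do not alter policy-delivered rules.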
